我正在尝试创建与Cloud SQL数据库的TLS连接,但是当我尝试准备语句时,出现了以下错误:
x509: cannot validate certificate for <cloud sql instance ip>
because it doesn't contain any IP SANs
这是我的设置代码:
rootCertPool := x509.NewCertPool()
pem, err := ioutil.ReadFile("/path/server-ca.pem")
if err != nil {
log.Fatal(err)
}
if ok := rootCertPool.AppendCertsFromPEM(pem); !ok {
log.Fatal("Failed to append PEM.")
}
clientCert := make([]tls.Certificate, 0, 1)
certs, err := tls.LoadX509KeyPair("/path/client-cert.pem",
"/path/client-key.pem")
if err != nil {
log.Fatal(err)
}
clientCert = append(clientCert, certs)
mysql.RegisterTLSConfig("custom", &tls.Config{
RootCAs: rootCertPool,
Certificates: clientCert,
})
db, err := sql.Open("mysql",
"<user>:<password>@tcp(<cloud sql ip>:3306)/<db_name>?tls=custom")