Open lorenzoaiello opened 4 years ago
Definitely doable. The kong nodes could download the certificate and specify it in the lua_ssl_trusted_certificate setting. This could be optional/bool toggle to turn it off and on. I'll need to check if this can be prioritized, but in the mean time happy to accept a PR.
I'm not sure we actually need to download and set the certificate since they are publicly signed certs and we are using the native RDS DNS endpoint.
It would be great if we could enable SSL encryption from the Kong nodes to RDS.
Based on the Kong docs, it appears to be possible: https://docs.konghq.com/1.4.x/configuration/#postgres-settings