mysqljs / mysql

A pure node.js JavaScript Client implementing the MySQL protocol.
MIT License
18.31k stars 2.53k forks source link

Error connecting to Aurora DB using the "Amazon RDS" profile #2539

Closed varunmenon closed 2 years ago

varunmenon commented 2 years ago

Hi,

I'm trying to connect to an Aurora DB provisioned in the Asia Pacific (Sydney) region using SSL - using the "Amazon RDS" profile from a node application hosted on Tanzu platform (PCF). However, getting the following error:

"Error: unable to get local issuer certificate"

Here's my config:

       {
            host: process.env.DB_HOST_NAME,
            user: process.env.DB_USER,
            password: process.env.DB_PASSWORD,
            database: process.env.DB_NAME,
            multipleStatements: true,
            ssl: "Amazon RDS"
        }

When I try to use the "rejectUnauthorized" to false, the connection succeeds. Also, Java applications are able to successfully connect and so does npm applications when trying to run db migrations using the db-migrate package (specifying ssl to true). Any idea what I could be doing wrong?

dougwilson commented 2 years ago

Hi, sorry you are having trouble. It looks like the cert is in the module, but they do change over time. What version of this module are you using? Recently the certs were updated.

varunmenon commented 2 years ago

Oh ok. I'm currently using version 2.16.0. Will try updating to 2.18.1 (?) and see if that solves the issue.

dougwilson commented 2 years ago

Gotcha. I believe you need the updated certs in 2.18.0 for that region now as RDS continues to migrate to the new 2024 certs.

varunmenon commented 2 years ago

That works. Thanks @dougwilson