certificate.go
//go:generate go run internal/cmd/update_certificate/main.go
package rdsmysql
import (
"crypto/tls"
"crypto/x509"
"errors"
"github.com/go-sql-driver/mysql"
)
// Certificates is the PEM-encoded certificate bundle for connecting to RDS MySQL with SSL/TLS.
// It contains the intermediate and root certificates for [Amazon RDS MySQL] and [Amazon Aurora MySQL].
//
// The bundle is a compile-time constant, so a rotated or newly added CA only
// takes effect after the constant is refreshed and the program is rebuilt.
// NOTE(review): rdsCertificates is declared outside this file, presumably by
// the go:generate step named at the top of it; confirm how often it is rerun.
//
// [Amazon RDS MySQL]: https://docs.aws.amazon.com/ja_jp/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL.html
// [Amazon Aurora MySQL]: https://docs.aws.amazon.com/ja_jp/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.SSL.html
const Certificates = rdsCertificates
// TLSConfig is the *tls.Config for connecting to RDS MySQL with SSL/TLS.
//
// init sets it to a config whose RootCAs pool is built only from Certificates,
// and passes that same pointer to mysql.RegisterTLSConfig under the name
// "rdsmysql". The variable is exported and mutable, so treat it as read-only
// after init: relaxing it (for example disabling verification) would weaken
// every user of the value.
// NOTE(review): whether the driver observes later changes made through this
// shared pointer depends on the driver version; confirm before relying on it.
var TLSConfig *tls.Config
// init builds TLSConfig from the bundled RDS certificates and registers it
// with the MySQL driver under the name "rdsmysql". It panics if the bundle
// yields no certificate or if the driver rejects the registration, so a
// broken bundle fails at program start rather than at first connection.
func init() {
	pool := x509.NewCertPool()

	// AppendCertsFromPEM reports success as soon as one certificate parses,
	// so this guard catches an empty or wholly invalid bundle but not a
	// partially corrupted one.
	if !pool.AppendCertsFromPEM([]byte(Certificates)) {
		panic(errors.New("failed to append certs"))
	}

	// Only RootCAs is set: the server chain must lead to a bundled CA, not
	// to the system trust store. MinVersion and ServerName keep their zero
	// values, so the protocol floor is the Go runtime default.
	// NOTE(review): hostname verification relies on the driver supplying
	// ServerName from the DSN host; confirm for the driver version in use.
	TLSConfig = &tls.Config{RootCAs: pool}

	if err := mysql.RegisterTLSConfig("rdsmysql", TLSConfig); err != nil {
		panic(err)
	}
}