How to Resolve SSL Connection Error When Connecting to Google Cloud SQL with Go?

Connecting to Google Cloud SQL Using SSL with Go

Question:

When attempting to connect to Google Cloud SQL from Google App Engine using Go and the go-sql-driver, an x509 certificate error occurs, with the message:

"x509: certificate is valid for projectName:instanceName, not projectName"

Answer:

This error typically indicates that additional configuration is required when using SSL to connect to Cloud SQL. While the project-id:instance-name should be specified in the sql.Open() connection string, it is also necessary to set the ServerName property when registering a custom TLSConfig with the mysql driver.

To resolve the issue, ensure that the TLS setup includes a ServerName in the call to RegisterTLSConfig:

<code class="go">mysql.RegisterTLSConfig("custom", &tls.Config{
    RootCAs:      rootCertPool,
    Certificates: clientCert,
    ServerName:   "projectName:instanceName",
})</code>

Subsequently, append ?tls=nameOfYourCustomTLSConfig to the connection string:

<code class="go">db, err := sql.Open("mysql", "user@cloudsql(project-id:instance-name)/dbname?tls=custom")</code>

By following these steps, you can establish a secure connection to Google Cloud SQL using SSL.

The above is the detailed content of How to Resolve SSL Connection Error When Connecting to Google Cloud SQL with Go?. For more information, please follow other related articles on the PHP Chinese website!