Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SSL AMAZON RDS #10879

Open
ddias00 opened this issue May 6, 2024 · 2 comments
Open

SSL AMAZON RDS #10879

ddias00 opened this issue May 6, 2024 · 2 comments
Labels
bug requires triage

Comments

@ddias00
Copy link

ddias00 commented May 6, 2024
edited

Issue description

update aws rds amazon rds

Expected Behavior

I'm using the ssl: Amazon RDS option for my RDS certificates.

In the month of August, aws certificates need to be updated to a new version in RDS.

I verified that in the documentation the project responsible for updating the certificates is:
ssl - object with ssl parameters or a string containing the name of ssl profile. See SSL options.
https://github.com/mysqljs/mysql

I can't open a pr to add the certificate nor can I contact the people responsible.

I need to add this certificate to https://github.com/mysqljs/mysql/blob/master/lib/protocol/constants/ssl_profiles.js

    /**
     * Amazon RDS us-east-1 Root CA 2021 to 2061
     *
     *   CN = Amazon RDS us-east-1 2021 CA
     *   OU = Amazon RDS
     *   O = Amazon Web Services, Inc.
     *   L = Seattle
     *   ST = Washington
     *   C = US
     *   P = 2021-05-25T18:34:57Z/2061-05-25T19:34:57Z
     *   F = 2F:A7:7E:F8:94:D9:83:BA:9D:37:AD:69:9C:84:AB:0F:65:7B:E1:C8
     */
    '-----BEGIN CERTIFICATE-----\n'
    + 'MIID/zCCAuegAwIBAgIRAPVSMfFitmM5PhmbaOFoGfUwDQYJKoZIhvcNAQELBQAw\n'
    + 'gZcxCzAJBgNVBAYTAlVTMSIwIAYDVQQKDBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJ\n'
    + 'bmMuMRMwEQYDVQQLDApBbWF6b24gUkRTMQswCQYDVQQIDAJXQTEwMC4GA1UEAwwn\n'
    + 'QW1hem9uIFJEUyB1cy1lYXN0LTEgUm9vdCBDQSBSU0EyMDQ4IEcxMRAwDgYDVQQH\n'
    + 'DAdTZWF0dGxlMCAXDTIxMDUyNTIyMzQ1N1oYDzIwNjEwNTI1MjMzNDU3WjCBlzEL\n'
    + 'MAkGA1UEBhMCVVMxIjAgBgNVBAoMGUFtYXpvbiBXZWIgU2VydmljZXMsIEluYy4x\n'
    + 'EzARBgNVBAsMCkFtYXpvbiBSRFMxCzAJBgNVBAgMAldBMTAwLgYDVQQDDCdBbWF6\n'
    + 'b24gUkRTIHVzLWVhc3QtMSBSb290IENBIFJTQTIwNDggRzExEDAOBgNVBAcMB1Nl\n'
    + 'YXR0bGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDu9H7TBeGoDzMr\n'
    + 'dxN6H8COntJX4IR6dbyhnj5qMD4xl/IWvp50lt0VpmMd+z2PNZzx8RazeGC5IniV\n'
    + '5nrLg0AKWRQ2A/lGGXbUrGXCSe09brMQCxWBSIYe1WZZ1iU1IJ/6Bp4D2YEHpXrW\n'
    + 'bPkOq5x3YPcsoitgm1Xh8ygz6vb7PsvJvPbvRMnkDg5IqEThapPjmKb8ZJWyEFEE\n'
    + 'QRrkCIRueB1EqQtJw0fvP4PKDlCJAKBEs/y049FoOqYpT3pRy0WKqPhWve+hScMd\n'
    + '6obq8kxTFy1IHACjHc51nrGII5Bt76/MpTWhnJIJrCnq1/Uc3Qs8IVeb+sLaFC8K\n'
    + 'DI69Sw6bAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFE7PCopt\n'
    + 'lyOgtXX0Y1lObBUxuKaCMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOC\n'
    + 'AQEAFj+bX8gLmMNefr5jRJfHjrL3iuZCjf7YEZgn89pS4z8408mjj9z6Q5D1H7yS\n'
    + 'jNETVV8QaJip1qyhh5gRzRaArgGAYvi2/r0zPsy+Tgf7v1KGL5Lh8NT8iCEGGXwF\n'
    + 'g3Ir+Nl3e+9XUp0eyyzBIjHtjLBm6yy8rGk9p6OtFDQnKF5OxwbAgip42CD75r/q\n'
    + 'p421maEDDvvRFR4D+99JZxgAYDBGqRRceUoe16qDzbMvlz0A9paCZFclxeftAxv6\n'
    + 'QlR5rItMz/XdzpBJUpYhdzM0gCzAzdQuVO5tjJxmXhkSMcDP+8Q+Uv6FA9k2VpUV\n'
    + 'E/O5jgpqUJJ2Hc/5rs9VkAPXeA==\n'
    + '-----END CERTIFICATE-----\n'
    ```

Need help.

### Actual Behavior

error is happening when I update certificate in RDS

![5cbc7365-0bdd-4567-8d9c-7523ec208e66](https://github.com/typeorm/typeorm/assets/17050697/db0baa97-21f5-4fd1-ad93-0be6d139d15d)

### Steps to reproduce

n/d

### My Environment

| Dependency          | Version  |
| ---                 | ---      |
| Operating System    |          |
| Node.js version     | 20  |
| Typescript version  | 5.1.3  |
| TypeORM version     | 0.3.20  |


### Additional Context

_No response_

### Relevant Database Driver(s)

- [ ] aurora-mysql
- [ ] aurora-postgres
- [ ] better-sqlite3
- [ ] cockroachdb
- [ ] cordova
- [ ] expo
- [ ] mongodb
- [X] mysql
- [ ] nativescript
- [ ] oracle
- [ ] postgres
- [ ] react-native
- [ ] sap
- [ ] spanner
- [ ] sqlite
- [ ] sqlite-abstract
- [ ] sqljs
- [ ] sqlserver

### Are you willing to resolve this issue by submitting a Pull Request?

Yes, I have the time, and I know how to start.
@tivaliy
Copy link

tivaliy commented May 14, 2024
edited

@ddias00 maybe you can use mysql2 instead. It already has certificate you are required:

https://github.com/sidorares/node-mysql2/blob/master/lib/constants/ssl_profiles.js#L1789-L1810

@ddias00
Copy link
Author

ddias00 commented May 14, 2024
edited

@ddias00talvez você possa usar mysql2em seu lugar. Já possui certificado é necessário:

https://github.com/sidorares/node-mysql2/blob/master/lib/constants/ssl_profiles.js#L1789-L1810

@tivaliy Thank you very much for the recommendation, but I would just like to insert the certificate in this project so I don't have to change all the services I have today.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug requires triage
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@tivaliy @ddias00