We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
When I specify rejectUnauthorized=true and verifyIdentity=false, I still get an error:
Hostname/IP does not match certificate's altnames: ...
So it seems like verifyIdentity does not have any effect. Looking at the code it seems like lib/connection.js line 372 is unreachable:
verifyIdentity
https://github.com/sidorares/node-mysql2/blob/1d983fa46031a77c689faea5f69e6e0baa1b3de7/lib/connection.js#L372C19-L372C19
const ca = readFileSync(path.join(__dirname, `/ssl-ca/amazon-root-ca-1.pem`)).toString() // RDS Proxy pool = await createConnection({ host, user, password, database, port, ssl: { ca, rejectUnauthorized: true, verifyIdentity: false } })
The text was updated successfully, but these errors were encountered:
Same issue have been reported here: #2119 (comment)
Sorry, something went wrong.
Hi guys,
Did anyone knows any temporary workaround to make this scenario work until the related or get merged and released?
Thanks in advance
Hi guys, Did anyone knows any temporary workaround to make this scenario work until the related or get merged and released? Thanks in advance
You can set rejectUnauthorized=false ; in most cases this is unacceptable though.
rejectUnauthorized=false
If you are creating a CNAME dns entry to an RDS server / RDS proxy - you could also resolve the CNAME to the original DNS entry:
import { resolveCname } from 'dns/promises' //... const originalHostname = (await resolveCname(alias))[0] // create mysql connection
This is also not ideal since it adds unnecessary requests to DNS.
Successfully merging a pull request may close this issue.
When I specify rejectUnauthorized=true and verifyIdentity=false, I still get an error:
Hostname/IP does not match certificate's altnames: ...
So it seems like
verifyIdentity
does not have any effect. Looking at the code it seems like lib/connection.js line 372 is unreachable:https://github.com/sidorares/node-mysql2/blob/1d983fa46031a77c689faea5f69e6e0baa1b3de7/lib/connection.js#L372C19-L372C19
The text was updated successfully, but these errors were encountered: