您的位置: 首页  >  技术问答  >  如何使用gorm创建与MySQL的SSL连接?

如何使用gorm创建与MySQL的SSL连接?

分类: 技术问答 2022-03-10 11:51:17
问题描述:

Can't seem to find any resource on creating a SSL connection to mysql using gorm. I am creating a non-ssl connection like this:

cfg := mysql.Config{
    User:   config.User,
    Passwd: config.Password,
    Addr:   fmt.Sprintf("%s:%d", config.Host, config.Port),
    Net:    "tcp",
    Params: options,
}

str := cfg.FormatDSN()
db, err := gorm.Open("mysql", str)

Passing 'ssl-ca' option in Param options with path to 'pem' file does not seem to work. Any heads up on this?

This is a fragment of my working code :

isTLS := false

if mysqlClientKey != "" && mysqlCaCert != ""  && mysqlClientCert != "" {
    isTLS = true
    rootCertPool := x509.NewCertPool()
    pem, err := ioutil.ReadFile("/path/mysqlCaCert")
    if err != nil {
        log.Fatal(err)
    }
    if ok := rootCertPool.AppendCertsFromPEM(pem); !ok {
        log.Fatal("Failed to append PEM.")
    }
    clientCert := make([]tls.Certificate, 0, 1)
    certs, err := tls.LoadX509KeyPair("/path/mysqlClientCert", "/path/mysqlClientKey")
    if err != nil {
        log.Fatal(err)
    }
    clientCert = append(clientCert, certs)
    mysql.RegisterTLSConfig("custom", &tls.Config{
        RootCAs:      rootCertPool,
        Certificates: clientCert,
    })
}

// try to connect to mysql database.
cfg := mysql.Config{
    User:   username,
    Passwd: password,
    Addr:   server, //IP:PORT
    Net:    "tcp",
    DBName: database,
    Loc: time.Local,
    AllowNativePasswords: true,
    Params: o,
}

if isTLS == true {
    cfg.TLSConfig = "custom"
}

str := cfg.FormatDSN()

db, err := gorm.Open("mysql", str)

相关推荐