Skip to content

Commit

Permalink
fix: handshake SSL error with AWS RDS (#2857)
Browse files Browse the repository at this point in the history
* fix: handshake SSL error with AWS RDS

* chore: deprecate `Amazon RDS` ssl option

* docs: use `aws-ssl-profiles`

* ci: adjust coverage rate
  • Loading branch information
wellwelwel authored Jul 15, 2024
1 parent cd0b059 commit de071bb
Show file tree
Hide file tree
Showing 8 changed files with 74 additions and 2,891 deletions.
4 changes: 2 additions & 2 deletions .nycrc
Original file line number Diff line number Diff line change
Expand Up @@ -3,10 +3,10 @@
"include": ["index.js", "promise.js", "lib/**/*.js"],
"exclude": ["mysqldata/**", "node_modules/**", "test/**"],
"reporter": ["text", "lcov", "cobertura"],
"statements": 88,
"statements": 86,
"branches": 84,
"functions": 77,
"lines": 88,
"lines": 86,
"checkCoverage": true,
"clean": true
}
2 changes: 1 addition & 1 deletion codecov.yml
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ coverage:
status:
project:
default:
target: 89%
target: 88%
threshold: 2%
patch:
default:
Expand Down
2,889 changes: 7 additions & 2,882 deletions lib/constants/ssl_profiles.js

Large diffs are not rendered by default.

15 changes: 15 additions & 0 deletions package-lock.json

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

1 change: 1 addition & 0 deletions package.json
Original file line number Diff line number Diff line change
Expand Up @@ -58,6 +58,7 @@
"author": "Andrey Sidorov <[email protected]>",
"license": "MIT",
"dependencies": {
"aws-ssl-profiles": "^1.1.1",
"denque": "^2.1.0",
"generate-function": "^2.3.1",
"iconv-lite": "^0.6.3",
Expand Down
18 changes: 16 additions & 2 deletions website/docs/examples/connections/create-connection.mdx
Original file line number Diff line number Diff line change
Expand Up @@ -218,25 +218,34 @@ You can use **Amazon RDS** string as value to ssl property to connect to **Amazo

In that case https://s3.amazonaws.com/rds-downloads/mysql-ssl-ca-cert.pem CA cert is used:

```sh
npm install --save aws-ssl-profiles
```

<Tabs>
<TabItem value='promise.js' default>

```js
import mysql from 'mysql2/promise';
import awsCaBundle from 'aws-ssl-profiles';

try {
// highlight-start
const connection = await mysql.createConnection({
// ...
host: 'db.id.ap-southeast-2.rds.amazonaws.com',
ssl: 'Amazon RDS',
ssl: awsCaBundle,
});
// highlight-end
} catch (err) {
console.log(err);
}
```

:::info
For detailed instructions, please follow the [**AWS SSL Profiles documentation**](https://github.com/mysqljs/aws-ssl-profiles?tab=readme-ov-file#readme).
:::

:::tip Testing

```js
Expand All @@ -257,18 +266,23 @@ try {

```js
const mysql = require('mysql2');
const awsCaBundle = require('aws-ssl-profiles');

const connection = mysql.createConnection({
// ...
host: 'db.id.ap-southeast-2.rds.amazonaws.com',
ssl: 'Amazon RDS',
ssl: awsCaBundle,
});

connection.addListener('error', (err) => {
console.log(err);
});
```

:::info
For detailed instructions, please follow the [**AWS SSL Profiles documentation**](https://github.com/mysqljs/aws-ssl-profiles?tab=readme-ov-file#readme).
:::

:::tip Testing

```js
Expand Down
18 changes: 16 additions & 2 deletions website/docs/examples/connections/create-pool.mdx
Original file line number Diff line number Diff line change
Expand Up @@ -298,18 +298,23 @@ You can use **Amazon RDS** string as value to ssl property to connect to **Amazo

In that case https://s3.amazonaws.com/rds-downloads/mysql-ssl-ca-cert.pem CA cert is used:

```sh
npm install --save aws-ssl-profiles
```

<Tabs>
<TabItem value='promise.js' default>

```js
import mysql from 'mysql2/promise';
import awsCaBundle from 'aws-ssl-profiles';

try {
// highlight-start
const pool = mysql.createPool({
// ...
host: 'db.id.ap-southeast-2.rds.amazonaws.com',
ssl: 'Amazon RDS',
ssl: awsCaBundle,
});
const connection = await pool.getConnection();
// highlight-end
Expand All @@ -322,6 +327,10 @@ try {
}
```

:::info
For detailed instructions, please follow the [**AWS SSL Profiles documentation**](https://github.com/mysqljs/aws-ssl-profiles?tab=readme-ov-file#readme).
:::

:::tip Testing

```js
Expand All @@ -342,11 +351,12 @@ try {

```js
const mysql = require('mysql2');
const awsCaBundle = require('aws-ssl-profiles');

const pool = mysql.createPool({
// ...
host: 'db.id.ap-southeast-2.rds.amazonaws.com',
ssl: 'Amazon RDS',
ssl: awsCaBundle,
});

pool.getConnection(function (err, connection) {
Expand All @@ -361,6 +371,10 @@ pool.getConnection(function (err, connection) {
});
```

:::info
For detailed instructions, please follow the [**AWS SSL Profiles documentation**](https://github.com/mysqljs/aws-ssl-profiles?tab=readme-ov-file#readme).
:::

:::tip Testing

```js
Expand Down
18 changes: 16 additions & 2 deletions website/docs/examples/connections/createPoolCluster.mdx
Original file line number Diff line number Diff line change
Expand Up @@ -322,11 +322,16 @@ You can use **Amazon RDS** string as value to ssl property to connect to **Amazo

In that case https://s3.amazonaws.com/rds-downloads/mysql-ssl-ca-cert.pem CA cert is used:

```sh
npm install --save aws-ssl-profiles
```

<Tabs>
<TabItem value='promise.js' default>

```js
import mysql from 'mysql2/promise';
import awsCaBundle from 'aws-ssl-profiles';

try {
// highlight-start
Expand All @@ -335,7 +340,7 @@ try {
poolCluster.add('clusterA', {
// ...
host: 'db.id.ap-southeast-2.rds.amazonaws.com',
ssl: 'Amazon RDS',
ssl: awsCaBundle,
});
// poolCluster.add('clusterB', '...');

Expand All @@ -350,6 +355,10 @@ try {
}
```

:::info
For detailed instructions, please follow the [**AWS SSL Profiles documentation**](https://github.com/mysqljs/aws-ssl-profiles?tab=readme-ov-file#readme).
:::

:::tip Testing

```js
Expand All @@ -370,13 +379,14 @@ try {

```js
const mysql = require('mysql2');
const awsCaBundle = require('aws-ssl-profiles');

const poolCluster = mysql.createPoolCluster();

poolCluster.add('clusterA', {
// ...
host: 'db.id.ap-southeast-2.rds.amazonaws.com',
ssl: 'Amazon RDS',
ssl: awsCaBundle,
});
// poolCluster.add('clusterB', '...');

Expand All @@ -392,6 +402,10 @@ poolCluster.getConnection('clusterA', function (err, connection) {
});
```

:::info
For detailed instructions, please follow the [**AWS SSL Profiles documentation**](https://github.com/mysqljs/aws-ssl-profiles?tab=readme-ov-file#readme).
:::

:::tip Testing

```js
Expand Down

0 comments on commit de071bb

Please sign in to comment.