Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Cannot connect to Amazon RDS from within Docker container
See original GitHub issueI have been banging my head against this for hours and I just do not understand what is going on here. I’m hoping whomever reads this has some idea I haven’t had yet. Basically, within the attached zip file is a very simple project that attempts a connection to an Amazon RDS instance, issues a select 1 = 1, and logs the results. If this project is run normally then the desired result is logged (1 = 1). But if this project is run via a Docker container (as shown in the included run.sh script) then the following will be logged:
{ Error: EE certificate key too weak
at TLSSocket.<anonymous> (/app/node_modules/mysql/lib/Connection.js:320:48)
at TLSSocket.emit (events.js:198:13)
at TLSSocket._finishInit (_tls_wrap.js:636:8)
--------------------
at Protocol._enqueue (/app/node_modules/mysql/lib/protocol/Protocol.js:144:48)
at Protocol.handshake (/app/node_modules/mysql/lib/protocol/Protocol.js:51:23)
at Connection.connect (/app/node_modules/mysql/lib/Connection.js:119:18)
at Object.<anonymous> (/app/mysql.js:29:6)
at Module._compile (internal/modules/cjs/loader.js:778:30)
at Object.Module._extensions..js (internal/modules/cjs/loader.js:789:10)
at Module.load (internal/modules/cjs/loader.js:653:32)
at tryModuleLoad (internal/modules/cjs/loader.js:593:12)
at Function.Module._load (internal/modules/cjs/loader.js:585:3)
at Function.Module.runMain (internal/modules/cjs/loader.js:831:12) code: 'HANDSHAKE_SSL_ERROR', fatal: true }
Issue Analytics
- State:
- Created 4 years ago
- Comments:13 (7 by maintainers)
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
FYI, both:
Yield
Signature Algorithm: sha256WithRSAEncryption.So I’ll try constructing a new pem set to pass in via the connection options tomorrow and see what that does.
Hmm. The note about 10.x being affected as well lends credence to why I see the same error if I use the
centos:latestimage and Node viayum install nodejs.Using
rejectUnauthorized: falseisn’t such a great idea because it will open the door for a MITM attack (I am fairly sure).I can investigate some more with this new information tomorrow. But I doubt I’ll get further than you already have (thank you). Let’s tag the only person I know of working on AWS stuff and see what they say. @trivikr can you provide any insight here?