Comments
Sort by recent activity
Hello poojashinde, Which database type are you targetting please? We haven't yet implemented this functionality across all the possible options. / comments
Hello poojashinde,Which database type are you targetting please?We haven't yet implemented this functionality across all the possible options.
You are of course correct cajund, please don't think it's unwillingness! Maybe you could help me test something, I was concluding that the 'TrustManager implementation available' exception was the JRE complaining about your keystore implementation not meeting the expected format, an alternative possibility exists. It could be that as you're not explicitly stating to use SSL, it's not even attempting to use the keystore and then the connection is correctly rejected. To validate this, please could you postpend your connection string with ?useSsl=trueand let us know the results? / comments
You are of course correct cajund, please don't think it's unwillingness!Maybe you could help me test something, I was concluding that the 'TrustManager implementation available' exception was the J...
I'm afraid we don't have much to offer cajund, the definition of what's needed is governed by Amazon, so we're not in a great position to advise. There seems to be a noteworthy number of instances of this issue when I was researching it, to be transparent at this juncture the flyway side of things looks good and otherwise I'd largely be recycling advice from threads like https://stackoverflow.com/questions/39650898/no-x509trustmanager-implementation-available. The db host will be much better equipped than we to access your connectivity approach. I'm sorry we can be more help, the areas we're responsible for look to have been correctly configured from what you've shared. / comments
I'm afraid we don't have much to offer cajund, the definition of what's needed is governed by Amazon, so we're not in a great position to advise.There seems to be a noteworthy number of instances o...
Hi cajund, Which post shows as answered please? They all appear as rejected for me, even the ones that aren't posting a solution and your own posts too. Thanks for the remainder, I was on leave when you posted, I'll check with the devs regarding the cert implementation options, apologies for not having an answer off-hand, this isn't a typical procedure. / comments
Hi cajund,Which post shows as answered please?They all appear as rejected for me, even the ones that aren't posting a solution and your own posts too.Thanks for the remainder, I was on leave when y...
Oh I see what you mean, after a little bit of tinkering I've managed to get the status corrected, thanks for highlighting. Given where this exception is now occurring please can you clarify what kind of Aurora DB are you targetting as it may alter the expected cert parameters, so I'll need to cross-reference the respective JDBC drivers. / comments
Oh I see what you mean, after a little bit of tinkering I've managed to get the status corrected, thanks for highlighting.Given where this exception is now occurring please can you clarify what kin...
Ah thank you, I can see from that issues history that some of the devs who would likely perform this work have also acted on it so I'll discuss this with them and then come back to you. / comments
Ah thank you, I can see from that issues history that some of the devs who would likely perform this work have also acted on it so I'll discuss this with them and then come back to you.
Not at all cajund, I can empathise, modifying pre-existing Docker isn't as straight forward as one would hope! Our doc on SSL support is admittedly must more useful in a native environment rather than a prepackaged one. I'm not familiar with the joaorosa article, but having read it showing a modified Docker file, I'd conclude that at minimum that required recomposing the Docker image, which isn't the sort of minor edit I anticipate most people would be looking for. I feel like it should be possible to introduce a Docker entrypoint to sideload the required cert, but I don't know for sure, I'll investigate and let you know what I find. / comments
Not at all cajund, I can empathise, modifying pre-existing Docker isn't as straight forward as one would hope!Our doc on SSL support is admittedly must more useful in a native environment rather th...
Regarding the keystore itself, no I'm afraid we don't have any, hopefully the manufacturer does. I'll ask our Java devs if they have any ideas regarding the InvalidAlgorithmParameterException, even though it's not part of our namespace, they might have encountered it. / comments
Regarding the keystore itself, no I'm afraid we don't have any, hopefully the manufacturer does.I'll ask our Java devs if they have any ideas regarding the InvalidAlgorithmParameterException, even ...
Hello cajund, I believe because you posted multiple times in rapid succession as a first time user, your posts were briefly flagged as potential spam.They also appear to have been verified as legitimate the same day; apologies for the confusion or concern this may have caused, it should be a one time thing. / comments
Hello cajund,I believe because you posted multiple times in rapid succession as a first time user, your posts were briefly flagged as potential spam.They also appear to have been verified as legiti...
Hello cajund, We've started an internal discussion if we need to implement a different or better interface for this kind of configuration in flyway. For the moment, the most scalable path of least resistance in our estimation is scripting the change as opposed to recomposing, and then inserting that via a Docker entry point. This does admittedly have a slightly higher initial setup cost if the user isn't familiar with scripting environmental alterations. Using your example, writing the certs to the keystore in a bash script called entrypoint.sh and then including it in the initial flyway invocation. docker run -v ".\entrypoint.sh:/flyway/entrypoint.sh" "--entrypoint=/flyway/entrypoint.sh" redgate/flyway / comments
Hello cajund, We've started an internal discussion if we need to implement a different or better interface for this kind of configuration in flyway.For the moment, the most scalable path of least r...