How can we help you today?
cajund
Peter, Thanks for this reply. My issue is not connecting to RDS securely, it's connecting to RDS using Flyway in the Docker container. This process is opaque, and my familiarity with Java is not very high. So discerning what is incorrect is not very easy for me in this context, which is why I turned to your forums. I have posted all of my specifics in my March 11th post. I have used your documentation as best as I can to get this to work. The link to the Docker implementation in those docs is vastly different than your approach (he's building a new container!), and is specific to GitLab and their CI/CD system. If what I have provided looks correct, then perhaps it would be a good idea for one of your programmers to get involved and troubleshoot it. It's clear to me that Flyway is not picking up the Keystore when connecting. My overall point is that connecting via TLS to RDS Aurora/MySQL is a common thing. If you want to support your users and further your product in the market, it's imperative that your users be successful. At some point in the near future when we move to production, we will need to move off the community version. But this becomes impossible if I can't get it to work. Thanks again.
0 votes
Thanks for your help. This is from last year: https://github.com/flyway/flyway-docker/pull/67 I think it's headed in the right direction, but doesn't work as is. My attempt was even simpler than this one. No dice.
0 votes
Hi Folks,

Finally able to come back to this. I have decided to take the "entrypoint.sh" approach as opposed to rebuilding the docker container as some instructions suggest.

Here are the details:

entrypoint.sh

```
#!/bin/bash
set -euo pipefail
echo "Adding RDS Cert"
export JAVA_ARGS='-Djavax.net.ssl.trustStore="/flyway/keystore" -Djavax.net.ssl.trustStorePassword="popcorn"'
keytool -keystore /flyway/keystore -alias "AWS RDS Aurora" -noprompt -trustcacerts -storepass "popcorn" -importcert -file rds-combined-ca-bundle.pem
keytool -list -keystore /flyway/keystore -storepass "popcorn"
```

And my docker command:

```
docker run --rm \
    -e FLYWAY_USER=$DB_USER \
    -e FLYWAY_PASSWORD=$DB_PASS \
    -v $(pwd)/rds-combined-ca-bundle.pem:/flyway/rds-combined-ca-bundle.pem \
    -v $(pwd)/build/entrypoint.sh:/flyway/entrypoint.sh \
    -v $(pwd)/db:/flyway/sql \
    --entrypoint=/flyway/entrypoint.sh \
    redgate/flyway:latest migrate \
    -url=$DB_URL \
    -locations=$LOCATIONS \
    -baselineOnMigrate="true"
```

Some notes: These commands are pulled from your instructions at: https://documentation.red-gate.com/fd/ssl-support-224003085.html

The output from the entry point looks like this:

```
Adding RDS Cert
Certificate was added to keystore
Keystore type: PKCS12
Keystore provider: SUN

Your keystore contains 1 entry

aws rds aurora, Mar 19, 2024, trustedCertEntry,
Certificate fingerprint (SHA-256): EB:BD:7E:AC:8B:02:17:12:95:35:ED:C5:2F:D6:D9:56:7D:42:4D:7E:B4:32:41:D8:35:26:FD:9C:46:6D:3F:40
```

The error is:

```
SQL State : 08000
Error Code : -1
Message : Could not connect to address=(host=flare-cluster-dev.cluster-************.us-west-2.rds.amazonaws.com)(port=3306)(type=master) : Could not connect to flare-cluster-dev.cluster-************.us-west-2.rds.amazonaws.com:3306 : No X509TrustManager implementation available
Caused by: java.sql.SQLNonTransientConnectionException: Could not connect to address=(host=flare-cluster-dev.cluster-************.us-west-2.rds.amazonaws.com)(port=3306)(type=master) : Could not connect to flare-cluster-dev.cluster-************.us-west-2.rds.amazonaws.com:3306 : No X509TrustManager implementation available
Caused by: java.sql.SQLNonTransientConnectionException: Could not connect to flare-cluster-dev.cluster-************.us-west-2.rds.amazonaws.com:3306 : No X509TrustManager implementation available
Caused by: javax.net.ssl.SSLHandshakeException: No X509TrustManager implementation available
Caused by: java.security.cert.CertificateException: No X509TrustManager implementation available
```

I suspect that there is some issue with setting up the JAVA_ARGS. As these were pulled directly from your documentation (with some adjustment, as your docs aren't setting a password), I was hoping that you can tell me what is missing.

Thanks for your help.
0 votes
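
A check for the JAVA_ARGS suspicion raised in the post above, as an added example that is not part of the original post or Flyway's own code: it shows what value each trust store property carries after the shell word-splits the posted string. It assumes the launcher passes `$JAVA_ARGS` to `java` unquoted; `sysprop_seen` and `check_java_args` are hypothetical helper names.

```bash
#!/bin/bash
# Added diagnostic example (not from the post and not from Flyway).
# Assumption: the launcher expands JAVA_ARGS unquoted (java $JAVA_ARGS ...),
# so the shell word-splits the string but does NOT strip quotes stored inside it.

# sysprop_seen NAME JAVA_ARGS_STRING
# Prints the value the JVM would receive for -DNAME=... after unquoted expansion.
sysprop_seen() {
    local name="$1" args="$2" tok
    set -f                       # no globbing while we split on purpose
    for tok in $args; do         # same word splitting as an unquoted $JAVA_ARGS
        case $tok in
            -D"$name"=*) set +f; printf '%s\n' "${tok#-D"$name"=}"; return 0 ;;
        esac
    done
    set +f
    return 1
}

# check_java_args JAVA_ARGS_STRING
# Returns 1 if a trust store property value contains literal quote characters.
# The value itself is never printed, so the password stays out of logs.
check_java_args() {
    local args="$1" prop val rc=0
    for prop in javax.net.ssl.trustStore javax.net.ssl.trustStorePassword; do
        val=$(sysprop_seen "$prop" "$args") || continue
        case $val in
            *\"*|*\'*) echo "WARN $prop has literal quotes in its value"; rc=1 ;;
            *)         echo "OK   $prop" ;;
        esac
    done
    return $rc
}

# Value exactly as exported in the post's entrypoint.sh
POSTED='-Djavax.net.ssl.trustStore="/flyway/keystore" -Djavax.net.ssl.trustStorePassword="popcorn"'
# Same settings without the inner double quotes
PLAIN='-Djavax.net.ssl.trustStore=/flyway/keystore -Djavax.net.ssl.trustStorePassword=popcorn'

check_java_args "$POSTED" || true
check_java_args "$PLAIN"
```

Under that assumption the JVM would be given a trust store path and password that include the double-quote characters, which no longer match the keystore that `keytool` created at `/flyway/keystore` with the password `popcorn`.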