Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
sqlproxyccl: support secure connections to SQL backends
Previously, when establishing a TLS connection to the SQL backend, the sqlproxy failed to set .ServerName on the tls.Config. The result was the error `tls: either ServerName or InsecureSkipVerify must be specified in the tls.Config` whenever .SkipVerify was false. This behavior made it impossible to establish verified secure connections to SQL backends. This commit properly sets .ServerName based on the outgoingAddress returned by the tenantdir service. Release note: None Release justification: Having a verified TLS connection betweeen the SQLProxy and SQL Pods in Cockroach Serverless is a requirement for the beta release. This code change enables that secure connection without making any changes to CockroachDB, itself.
- Loading branch information
Showing
3 changed files
with
116 additions
and
7 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters