0
votes

I am trying to secure the connection to an AWS RDS instance over SSL for my Spring Boot application. I have looked at several blogs and the official documentation and accordingly modified my connection string to contain certain parameters related to the SSL connection.

I have my certificate placed inside a cert folder in resources. Below is how I have tried to pass the certificate path:

jdbc:postgresql://myamazondomain.rds.amazonaws.com:5432/db_name?sslmode=verify-full&sslrootcert=/cert/rds-ca-cert_name.p12&password=my_passwrord

Also I have tried:

jdbc:postgresql://myamazondomain.rds.amazonaws.com:5432/db_name?sslmode=verify-full&sslrootcert=/src/main/resources/cert/rds-ca-cert_name.p12&password=mypassword

However, when I try to connect to the RDS from my ECS container, I receive the following error:

ERROR com.zaxxer.hikari.pool.HikariPool - HikariPool-1 - Exception during pool initialization.
org.postgresql.util.PSQLException: Could not open SSL root certificate file /cert/rds-ca-cert_name.p12.
    at org.postgresql.ssl.LibPQFactory.<init>(LibPQFactory.java:120)
    at org.postgresql.core.SocketFactoryFactory.getSslSocketFactory(SocketFactoryFactory.java:61)
    at org.postgresql.ssl.MakeSSL.convert(MakeSSL.java:33)
    at org.postgresql.core.v3.ConnectionFactoryImpl.enableSSL(ConnectionFactoryImpl.java:435)
    at org.postgresql.core.v3.ConnectionFactoryImpl.tryConnect(ConnectionFactoryImpl.java:94)
    at org.postgresql.core.v3.ConnectionFactoryImpl.openConnectionImpl(ConnectionFactoryImpl.java:192)
    at org.postgresql.core.ConnectionFactory.openConnection(ConnectionFactory.java:49)
    at org.postgresql.jdbc.PgConnection.<init>(PgConnection.java:195)
    at org.postgresql.Driver.makeConnection(Driver.java:454)

Can someone suggest what the error is here? What is the correct way of passing a certificate stored on the classpath to the JDBC connection string?

1 Answer

0
votes

We need to use the SingleCertValidatingFactory class to specify a certificate file on the classpath (or from the file system, environment variables, etc.). This class has an argument, sslfactoryarg, where we can add the path to the certificate file.

Your URL should look like:

jdbc:postgresql://myamazondomain.rds.amazonaws.com:5432/db_name?sslmode=verify-full&sslfactory=org.postgresql.ssl.SingleCertValidatingFactory&sslfactoryarg=classpath:cert/rds-ca-cert_name.p12
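
Two ways of pointing the PostgreSQL JDBC driver at a CA certificate that ships inside the application jar, as an added example that is not part of the question or the answer: the classpath: form from the answer, and copying the resource out to a real file for sslrootcert. The resource name cert/rds-ca.pem (assumed to be a PEM-encoded certificate), the class name and the helper methods are assumptions made for illustration.

```java
import java.io.IOException;
import java.io.InputStream;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.StandardCopyOption;

public class RdsSslUrl {
    // Hypothetical resource name: a PEM-encoded CA certificate under src/main/resources/cert/.
    static final String CA_RESOURCE = "cert/rds-ca.pem";
    static final String BASE = "jdbc:postgresql://myamazondomain.rds.amazonaws.com:5432/db_name";

    // Option 1: the driver loads the certificate from the classpath itself.
    static String classpathUrl(String resource) {
        return BASE + "?sslmode=verify-full"
             + "&sslfactory=org.postgresql.ssl.SingleCertValidatingFactory"
             + "&sslfactoryarg=" + enc("classpath:" + resource);
    }

    // Option 2: sslrootcert is opened as a file on disk, so a resource packed inside
    // the application jar must first be copied out to a real file.
    static String extractedFileUrl(String resource) throws IOException {
        ClassLoader cl = RdsSslUrl.class.getClassLoader();
        try (InputStream in = cl.getResourceAsStream(resource)) {
            if (in == null) {
                throw new IOException("CA certificate not found on classpath: " + resource);
            }
            Path tmp = Files.createTempFile("rds-ca-", ".pem");
            tmp.toFile().deleteOnExit();
            Files.copy(in, tmp, StandardCopyOption.REPLACE_EXISTING);
            return BASE + "?sslmode=verify-full&sslrootcert=" + enc(tmp.toAbsolutePath().toString());
        }
    }

    // Percent-encode the value so characters in the path cannot split the URL's parameter list.
    static String enc(String v) {
        return URLEncoder.encode(v, StandardCharsets.UTF_8);
    }

    public static void main(String[] args) {
        System.out.println(classpathUrl(CA_RESOURCE));
        try {
            System.out.println(extractedFileUrl(CA_RESOURCE));
        } catch (IOException e) {
            System.out.println("Fail closed, do not fall back to a weaker sslmode: " + e.getMessage());
        }
    }
}
```

Either URL keeps sslmode=verify-full, so the driver still checks the server certificate and host name; a missing certificate should stop startup rather than trigger a retry with verification relaxed.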