Connecting with TLS/SSL certificates without the Cloud SQL proxy is definitely supported.
I can't say for sure without more details, but it sounds like your driver is trying to fully-verify the certificate by making sure that the CN resolves to the same IP you are trying to correct with. I don't know which database engine you are using, but here is the postgres docs that explains this behavior:
If you make sure your driver is using `sslmode=required` or `sslmode=verify-ca`, you should be able to connect without any issues. Here's an example configuring a TCP connection using TLS.
Hope that helps.
How do we set DNS in CloudSQL wiith private IP only. I am using the server cert from the CloudSQL instance but get the following error when using the private IP in nodejs code."code":"ERR_T │
│ LS_CERT_ALTNAME_INVALID","message":"Hostname/IP does not match certificate's altnames: Host: localhost. is not cert's CN: <CloudSQL_Instance_NAME>"Understand the the private ip can be assigned a domain name but I have the following concern
- I don't own any domain, how do we use Cloud DNS to get a google domain subdomain or equivalent?
- PrivateIP will change when Instance edited i.e. when Network is changed, then Cloud DNS would point to wrong IP.
- As per the above error message its not clear which domain the certificate is minted for it just shows the fully qualified cloud SQL instance name.
I understand cloud SQL proxy is solution to everything related to ths but isn't really there any other option?
You received this message because you are subscribed to the Google Groups "Google Cloud SQL discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email to google-cloud-sql-discuss+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/google-cloud-sql-discuss/52af01cb-20ea-4e6e-8e49-fc0cee41254bn%40googlegroups.com.