Question

Postgres CA Cert and Kubernetes

Posted May 17, 2019 1k views
PostgreSQL Kubernetes

I have a managed postgres database with DO - connection string has sslmode = require in it.

For local development I have downloaded and trusted the CA certificate for our postgres instance and all works fine.

But now I have deployed our application to a kubernetes cluster on DO - and its failing because the CA Root is not trusted.

Is it possible to configure Kubernetes to download the CA and trust it on the underlying droplets?

Add a comment
spenceclark
By:
spenceclark
Add a comment

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

2 answers
spenceclark May 17, 2019

I’ve found a solution in case anyone else comes along later.

I included my .crt file in my project so it got included with the binaries.

Then in my dockerfile I added these 2 liness in the final stage:

ADD [path from working dir to the CRT file] /usr/local/share/ca-certificates/DO-PG-CA.crt
RUN chmod 644 /usr/local/share/ca-certificates/DO-PG-CA.crt && update-ca-certificates

Reply Report
johste August 30, 2019

Thanks for updating with a solution. This worked for me.

Reply Report
Submit an Answer

Related

Looking for something else?

Ask a new question Search for more help