Usando AWS re:Post, accetti AWS re:Post Termini di utilizzo
AWS re:Postre:Post

Registering a SSL Certificate in C# .NET AWS Lambdas

0

I'm trying to connect to a SQL Server 2019 instance (happens to be in an EC2) from a C# .NET AWS lambda. I'm using a self-signed certificate to establish client trust with the SQL instance.

There doesn't seem to be a lot of documentation around how to register certificates in AWS. The documentation I can find is third party, and revolves around using OpenSSL's SSL_CERT_FILE variable to expose a lambda layer path for OpenSSL to interrogate as a root trust (https://dev.to/leading-edje/aws-lambda-layer-for-private-certificates-465j)

I've used the SSL_CERT_FILE approach in the past with success, but it doesn't seem that SQL is using OpenSSL for that trust connection.

What alternative approaches have folks used? Has anyone had success with actually registering certificates in an AWS Lambda? (instead of exposing it to specific SSL libraries, like SSL_CERT_FILE does)

Argomenti
ServerlessComputazionaliAWS Well-Architected Framework.NET su AWS
Tag
AWS LambdaSicurezza.NET su AWS
Lingua
English
Erik Farrell
posta 8 mesi fa953 visualizzazioni
1 Risposta
1

You can issue an SSL certificate from AWS Certificate Manager (ACM) service if you have purchased a domain.

Here's the step-by-step tutorial to get a certificate. https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request-public.html#request-public-console

profile picture
HS
con risposta 8 mesi fa
  • Erik Farrell
    8 mesi fa

    Thanks. I don't have control over the SQL certificate unfortunately. It's self-signed.

  • HS
    8 mesi fa

    Can you use an official CA certificate for your RDS instance instead of the self-signed one?

    For how to establish an SSL connection with the RDS instance from a general SQL client, see this page.

    For Lambda, you need to download and save the certificate in your lambda package and you should be able to use the SQL library to achieve the same goal.

  • Erik Farrell
    8 mesi fa

    Can you provide some guidance around how I would save the certificate in the lambda package?

    Is this through the lambda layer? If so, how would I register it with the trust store?

Accesso non effettuato. Accedi per postare una risposta.

Una buona risposta soddisfa chiaramente la domanda, fornisce un feedback costruttivo e incoraggia la crescita professionale del richiedente.

Linee guida per rispondere alle domande

Contenuto pertinente