I'm trying to connect to a SQL Server 2019 instance (happens to be in an EC2) from a C# .NET AWS lambda. I'm using a self-signed certificate to establish client trust with the SQL instance.
There doesn't seem to be a lot of documentation around how to register certificates in AWS. The documentation I can find is third party, and revolves around using OpenSSL's SSL_CERT_FILE
variable to expose a lambda layer path for OpenSSL to interrogate as a root trust (https://dev.to/leading-edje/aws-lambda-layer-for-private-certificates-465j)
I've used the SSL_CERT_FILE
approach in the past with success, but it doesn't seem that SQL is using OpenSSL for that trust connection.
What alternative approaches have folks used? Has anyone had success with actually registering certificates in an AWS Lambda? (instead of exposing it to specific SSL libraries, like SSL_CERT_FILE
does)
Thanks. I don't have control over the SQL certificate unfortunately. It's self-signed.
Can you use an official CA certificate for your RDS instance instead of the self-signed one?
For how to establish an SSL connection with the RDS instance from a general SQL client, see this page.
For Lambda, you need to download and save the certificate in your lambda package and you should be able to use the SQL library to achieve the same goal.
Can you provide some guidance around how I would save the certificate in the lambda package?
Is this through the lambda layer? If so, how would I register it with the trust store?