Allow to specify tls certificate path though DSN #926
Labels
Milestone
Comments
|
Unlike pq, we choosed URL style for DSN. It's difficult to write path in config. From v1.5, I want to promote Connector interface instead of DSN. DSN is too complicated already. |
|
pq also have URL style for DSN, you can check it here: https://godoc.org/github.com/lib/pq example from docs: connStr := "postgres://pqgotest:password@localhost/pqgotest?sslmode=verify-full" |
Is it be able to specify certificate path easily, without |
|
I extracted the code from pq project to test it out and I see that you don't need to specify package main
import "fmt"
import nurl "net/url"
import "strings"
func main() {
url := "postgres://bob:secret@1.2.3.4:5432/mydb?sslrootcert=/test/root.crt"
u, _ := nurl.Parse(url)
var kvs []string
escaper := strings.NewReplacer(` `, `\ `, `'`, `\'`, `\`, `\\`)
accrue := func(k, v string) {
if v != "" {
kvs = append(kvs, k+"="+escaper.Replace(v))
}
}
q := u.Query()
for k := range q {
accrue(k, q.Get(k))
}
fmt.Println(q)
}Result: Playground: https://play.golang.org/p/FxM9doANUnI |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Feature request description
For now the only way to add TLS validation is though code with RegisterTLSConfig. With providing certificate path though DSN (like pq is doing it) all existing applications will receive TLS certificate validation out of the box without code changes. It will also help the applications that supports both pq and mysql as this will eliminate mysql-specific initialisation code before
sql.Open()call.The text was updated successfully, but these errors were encountered: