How to connect to yugabyte instance from app using certificates? Able to connect via ycqlsh but not from golang application

Question

I was able to connect to the yugabyte cassandra instance through ycqlsh with the given certificates.

ycqlsh <host> --ssl

Have exported the env var SSL_CERTFILE. This works but from the golang application passing the same certificates gives me an error.

func getYugaByteConnection() *gocql.Session {
    cluster := gocql.NewCluster("<host>")
    cluster.Timeout = 12 * time.Second
    //cluster.ConnectTimeout = 12 * time.Second
    cluster.SslOpts = &gocql.SslOptions{
        EnableHostVerification: true,
        CertPath:               "path/to/cert.pem",
    }

    session, err := cluster.CreateSession()
    if err != nil {
        log.Println(err)
    }

    return session
}

This gives me an error saying

gocql: unable to create session: connectionpool: unable to load X509 key pair: open : no such file or directory

Can someone explain why it works with ycqlsh and not from the application and also what changes I'd need to make to establish the connection from the app.

Can you check this answer https://stackoverflow.com/questions/35970581/ssl-options-in-gocql ? — dh YB, Dec 16 '20 at 07:49
Yes I did refer to the same but the issue is that when CaPath is specified ServerName has to be specified and I don't have the serverName and I am not sure where to find. — Adith Dev Reddy, Dec 16 '20 at 13:21
Can you check docs ? "ServerName must match the hostname in the server's certificate" — dh YB, Dec 17 '20 at 16:45

How to connect to yugabyte instance from app using certificates? Able to connect via ycqlsh but not from golang application

0 Answers0