Cannot connect to Google Cloud SQL using SSL + Golang from Google App Engine

Question

Google says you can connect to Google Cloud SQL using Golang and the go-sql-driver like so:

import "database/sql"
import _ "github.com/go-sql-driver/mysql"

db, err := sql.Open("mysql", "user@cloudsql(project-id:instance-name)/dbname")

ref: https://cloud.google.com/appengine/docs/go/cloud-sql/reference

... However, this (for me) generates a x509 certificate error:

x509: certificate is valid for projectName:instanceName, not projectName

I cannot figure out how to solve this. Adding the instance name again (even though it's already there) in the connection string does not help, nor is correct according to Google's own docs.

Has anyone managed to make this work? What is wrong?

Answer 1

Are you connecting with SSL? This error message indicates that must set the ServerName property when you register your custom TLSConfig with the mysql driver, in addition to specifying the project-id:instance-name inside sql.Open().

e.g. Use the TLS setup from the docs, but add a ServerName in your call to RegisterTLSConfig:

mysql.RegisterTLSConfig("custom", &tls.Config{
            RootCAs:      rootCertPool,
            Certificates: clientCert,
            ServerName:   "projectName:instanceName",
        })

Then append ?tls=nameOfYourCustomTLSConfig

db, err := sql.Open("mysql", "user@cloudsql(project-id:instance-name)/dbname?tls=custom")