Rancher to RDS (MySQL)


I’m currently setting up a Rancher instance in our organisation.

I’m attempting to connect the Rancher Server to AWS RDS via SSL using this jdbc string:


The issue i run into over and over again is:

10:27:52.186 [main] ERROR i.c.p.a.sources.LazyJDBCSource - Failed to get connection to database, will retry for 5 minutes
org.apache.commons.dbcp.SQLNestedException: Cannot create PoolableConnectionFactory (Could not connect to AWSHOST.rds.amazonaws.com:3306: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target)

I’ve generated a custom dockerfile to run:

keytool -trustcacerts -importcert -file aws.crt -keystore /usr/lib/jvm/zulu-8-amd64/jre/lib/security/cacerts -noprompt -storepass changeit

Which imports the AWS CA certificate into the JVM keystore.

Has anyone else ran into this issue?