SSL_ERROR_CERTIFICATE_EXPIRED
cloud
config_error
ai_generated
true
错误:SSL 连接错误:SSL 证书已过期
Error: SSL connection error: SSL certificate has expired
ID: cloud/gcp-cloud-sql-ssl-expired
88%修复率
85%置信度
1证据数
2024-03-15首次发现
版本兼容性
| 版本 | 状态 | 引入 | 弃用 | 备注 |
|---|---|---|---|---|
| Cloud SQL Proxy 2.11.0 | active | — | — | — |
| MySQL 8.0 | active | — | — | — |
| PostgreSQL 15 | active | — | — | — |
根因分析
Cloud SQL 的客户端 SSL 证书已过期,导致所有加密连接被服务器拒绝。
English
The client SSL certificate for Cloud SQL has expired, causing all encrypted connections to be rejected by the server.
官方文档
https://cloud.google.com/sql/docs/mysql/configure-ssl-instance解决方案
-
使用 gcloud 生成新的客户端证书:gcloud sql ssl client-certs create client-cert.pem --instance=INSTANCE_NAME && gcloud sql ssl client-certs describe INSTANCE_NAME --cert-file=client-cert.pem
-
更新应用程序以使用新证书文件(client-cert.pem、client-key.pem)并重启应用程序。
-
通过 cron 作业或 Cloud Scheduler 设置自动证书轮换,每月运行 gcloud sql ssl client-certs create。
无效尝试
常见但无效的做法:
-
95% 失败
Restarting does not renew expired SSL certificates; they are time-bound and must be regenerated.
-
80% 失败
Disabling SSL verification bypasses security but does not fix the expired certificate; the server still rejects the connection.
-
90% 失败
Timeout adjustments do not resolve authentication or certificate validation failures.