I'm attempting to connect my golang application with AWS RDS via a SSL connection using the MySQL driver. Everything seems to be working correctly but because the hostname address I'm using is a Route53 CNAME record, the CA root cert (provided by AWS) doesn't seem to be valid.
The exact error I get is:
x509: certificate is valid for .cluster-.us-east-1.rds.amazonaws.com, .cluster-ro-.us-east-1.rds.amazonaws.com, ..us-east-1.rds.amazonaws.com, not {CNAME HERE}
I know this works if I don't use the CNAME in the DSN... but I'm wondering if there is? This is simply the benefit of keeping the addresses clean and memorable.