diff --git a/kong/db/strategies/cassandra/connector.lua b/kong/db/strategies/cassandra/connector.lua index ae8c18036a5..a6ce839b7af 100644 --- a/kong/db/strategies/cassandra/connector.lua +++ b/kong/db/strategies/cassandra/connector.lua @@ -25,6 +25,12 @@ function CassandraConnector.new(kong_config) if ngx.IS_CLI then local policy = require("resty.cassandra.policies.reconnection.const") cluster_options.reconn_policy = policy.new(100) + + -- Force LuaSocket usage in the CLI in order to allow for self-signed + -- certificates to be trusted (via opts.cafile) in the resty-cli + -- interpreter (no way to set lua_ssl_trusted_certificate). + local socket = require "cassandra.socket" + socket.force_luasocket("timer", true) end if kong_config.cassandra_username and kong_config.cassandra_password then diff --git a/kong/db/strategies/postgres/connector.lua b/kong/db/strategies/postgres/connector.lua index 632e364aefc..3c67d248a1f 100644 --- a/kong/db/strategies/postgres/connector.lua +++ b/kong/db/strategies/postgres/connector.lua @@ -98,6 +98,9 @@ local setkeepalive local function connect(config) local phase = get_phase() if phase == "init" or phase == "init_worker" or ngx.IS_CLI then + -- Force LuaSocket usage in the CLI in order to allow for self-signed + -- certificates to be trusted (via opts.cafile) in the resty-cli + -- interpreter (no way to set lua_ssl_trusted_certificate). config.socket_type = "luasocket" else