我已经设置了Laravel应用程序以使用SSL连接到RDS。看来我能够从基于laradock / workspace：2.2-7.2的两个容器进行连接，但基于laradock / php-fpm：2.2-7.2的一个容器在运行php artisan tinker时失败，并出现以下错误，这似乎尝试连接到数据库（注意：我还清除了所有缓存）：

In PDOConnection.php line 31:

  SQLSTATE[HY000] [2002]


In PDOConnection.php line 27:

  SQLSTATE[HY000] [2002]


In PDOConnection.php line 27:

  PDO::__construct(): SSL operation failed with code 1. OpenSSL Error messages:
  error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed

从基于工作空间的容器中，我可以进入修补程序并运行SELECT，该操作显示我正在使用的SSL密码来验证我是否在使用SSL：

# php artisan tinker
Psy Shell v0.9.9 (PHP 7.2.23-1+ubuntu16.04.1+deb.sury.org+1 — cli) by Justin Hileman
>>> DB::select("SHOW STATUS LIKE 'Ssl_cipher'")
=> [
     {#5403
       +"Variable_name": "Ssl_cipher",+"Value": "DHE-RSA-AES128-SHA",},]

在config/database.php中，这是我的联系之一：

'connections' => [
    'mysql' => [
        'driver' => 'mysql','host' => env('DB_HOST','mysql'),'port' => env('DB_PORT','3306'),'database' => env('DB_DATABASE','username' => env('DB_username','password' => env('DB_PASSWORD',''),'charset'   => 'utf8mb4','collation' => 'utf8mb4_unicode_ci','prefix' => '','strict' => false,'engine' => null,'options' => (extension_loaded('pdo_mysql') && env('MYSQL_SSL_ENABLED')) ? [
            PDO::MYSQL_ATTR_SSL_CA => env('MYSQL_ATTR_SSL_CA',base_path('ssl/rds-combined-ca-bundle.pem')),] : [],],

我认为（并且仍然觉得）可能与版本有关，但无法确认：

# php-fpm (NOT WORKING)
root@php-fpm-dev-f76678fc9-k45hm:/var/www/api# php -v
PHP Warning:  PHP Startup: Invalid library (appears to be a Zend Extension,try loading using zend_extension=opcache.so from php.ini) in Unknown on line 0
PHP 7.2.21 (cli) (built: Aug 14 2019 09:11:56) ( NTS )
Copyright (c) 1997-2018 The PHP Group
Zend Engine v3.2.0,Copyright (c) 1998-2018 Zend Technologies
    with Zend OPcache v7.2.21,Copyright (c) 1999-2018,by Zend Technologies
    with Xdebug v2.7.2,Copyright (c) 2002-2019,by Derick Rethans

# workspace (WORKING)
root@php-worker-dev-698f55d5c6-hkd7k:/var/www/api# php -v
PHP 7.2.21-1+ubuntu16.04.1+deb.sury.org+1 (cli) (built: Aug  7 2019 09:53:30) ( NTS )
Copyright (c) 1997-2018 The PHP Group
Zend Engine v3.2.0,Copyright (c) 1998-2018 Zend Technologies
    with Zend OPcache v7.2.21-1+ubuntu16.04.1+deb.sury.org+1,by Zend Technologies

# workspace (WORKING)
root@workspace-dev-775988cfcc-px8g8:/var/www/api# php -v
PHP 7.2.23-1+ubuntu16.04.1+deb.sury.org+1 (cli) (built: Oct  8 2019 05:31:33) ( NTS )
Copyright (c) 1997-2018 The PHP Group
Zend Engine v3.2.0,Copyright (c) 1998-2018 Zend Technologies
    with Zend OPcache v7.2.23-1+ubuntu16.04.1+deb.sury.org+1,by Zend Technologies

我正在使用将.pem文件安装为ConfigMap并已由cat /var/www/api/ssl/rds-combined-ca-bundle.pem验证过的头盔图，并将其拉入相同的比较工具中。

关于为什么一个容器发生故障的任何想法？

有人知道如何使用openssl来使用证书来验证我的RDS端点吗？