Hi everyone, I've a self serve kratos and keto run...
# talk-kratos
Hi everyone, I have a self-serve Kratos and Keto, running them in an EKS cluster. My DSN is:
```
DSN=mysql://admin:htyXXXXXXXXXXXXXXXXXXXXSu@tcp(xyzxyzxyz.us-west-2.rds.amazonaws.com:3306)/users?tls=true
```
MySQL is hosted as RDS in AWS. I want to enable a TLS/SSL encrypted connection between my Keto and Kratos pods and the MySQL instance in AWS. The error I'm getting when I enable TLS via `tls=true`, as suggested by the documentation here: https://www.ory.sh/docs/self-hosted/deployment#mysql, is:
```
time=2024-03-08T04:45:39Z level=debug msg=Connecting to SQL Database func=github.com/ory/kratos/driver.(*RegistryDefault).Init.func1 file=/project/driver/registry_default.go:641 audience=application connMaxLifetime=0s idlePool=2 pool=4 service_name=Ory Kratos service_version=v1.1.0
time=2024-03-08T04:45:40Z level=warning msg=Unable to ping database, retrying. func=github.com/ory/x/logrusx.(*Logger).Logf file=/go/pkg/mod/github.com/ory/x@v0.0.614/logrusx/helper.go:125 audience=application error=map[message:tls: failed to verify certificate: x509: certificate signed by unknown authority stack_trace:
...
```
Any clue what I'm doing wrong? I have the AWS global-bundle.pem keys, but I have no idea how I can pass these to Kratos or Keto. Any help will be appreciated!
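The failure in the log above, reproduced with Go's standard library as an added example (not code from the post or from Ory): a server certificate issued by a private CA fails verification with "certificate signed by unknown authority" until that CA is in the root pool. The CA, the hostname `db.example.internal` and the helper names are constructed for illustration.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"fmt"
	"math/big"
	"time"
)

// newCert issues a constructed test certificate; a nil parent means a self-signed root CA.
func newCert(cn string, serial int64, parent *x509.Certificate, parentKey *ecdsa.PrivateKey) (*x509.Certificate, *ecdsa.PrivateKey) {
	key, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) // error ignored: demo key only
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(serial), Subject: pkix.Name{CommonName: cn},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(time.Hour),
		DNSNames: []string{cn}, KeyUsage: x509.KeyUsageDigitalSignature,
	}
	if parent == nil { // root CA: signs itself and may sign other certificates
		tmpl.IsCA, tmpl.BasicConstraintsValid = true, true
		tmpl.KeyUsage |= x509.KeyUsageCertSign
		parent, parentKey = tmpl, key
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, &key.PublicKey, parentKey)
	if err != nil {
		panic(err)
	}
	cert, _ := x509.ParseCertificate(der) // der was produced just above
	return cert, key
}

// Demo verifies one server certificate against a root pool without, then with, its CA.
// It returns whether the first attempt failed as "unknown authority", and the second error.
func Demo() (bool, error) {
	const host = "db.example.internal" // constructed hostname
	ca, caKey := newCert("constructed-private-ca", 1, nil, nil)
	leaf, _ := newCert(host, 2, ca, caKey)
	untrusted, trusted := x509.NewCertPool(), x509.NewCertPool()
	trusted.AddCert(ca) // for a PEM bundle file, AppendCertsFromPEM does the same job
	_, errNoCA := leaf.Verify(x509.VerifyOptions{Roots: untrusted, DNSName: host})
	_, errWithCA := leaf.Verify(x509.VerifyOptions{Roots: trusted, DNSName: host})
	var ua x509.UnknownAuthorityError
	return errors.As(errNoCA, &ua), errWithCA
}

func main() { fmt.Println(Demo()) }
```

On Linux, Go builds its default root pool from the system certificate locations, which the `SSL_CERT_FILE` and `SSL_CERT_DIR` environment variables override. Whether that is the supported way to hand `global-bundle.pem` to Kratos or Keto is not stated on this page.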