Teleport uses mutual TLS authentication with self-hosted databases. As such, they must be configured with Teleport's certificate authority to be able to verify client certificates and a certificate/key pair that Teleport can verify.
With self-hosted version of Teleport use
tctl auth signcommand locally on the Teleport Auth server to produce the secrets
Have a suggestion or can’t find something?IMPROVE THE DOCS