I'm currently managing a database in Aurora/RDS and I've received an alert regarding a certificate update. The database seems to have the new rsa2048-g1 certificate authority (CA) configured, but the alert indicates it's using the rds-ca-2019, which has expired. I'm trying to figure out if I can just select the database and hit 'Apply Update Now' to take care of the cert update. Additionally, will I need to import this updated certificate to the SQL database that connects to it on-premises? I'm new to AWS, and this is a solution set up before my time, so I'd appreciate any insights!
3 Answers
It seems like you're seeing mixed certificates, which can happen sometimes. When you modify your DB instance settings, make sure it reflects the rds-ca-rsa2048-g1 CA. If appearances get mixed up or if there's confusion, definitely give AWS Support a shout for help on this issue.
From what I understand, RDS typically manages certificate renewals automatically. But in your case, it sounds like the alert might be referencing a different instance. Double-check the current certificate being used to ensure it matches the one you believe is active.
To clarify, if you're getting prompt messages about needing to update your database, it’s usually safe to click 'Modify' and apply updates as necessary. Just remember that after updating, you will also have to import the new certificate to your on-prem SQL connections to maintain connectivity.
Related Questions
How To Get Your Domain Unblocked From Facebook
How To Find A String In a Directory of Files Using Linux