RDS Certificate Update


Currently investigating the work required on our part to prepare for updating the certificate on our RDS MySQL instances, and was wondering if I shutdown our existing rds-ca-2019 dev/test instances - which would then allow us to launch from a snapshot a new rds-ca-rsa2048-g1 instance for testing - would the old instance when restarted retain its old rds-ca-2019 certificate or would it be started with the new rds-ca-rsa2048-g1 cert?

posta un mese fa112 visualizzazioni
2 Risposte


All the steps to complete for update of certificates is thoroughly described in this blog post: https://aws.amazon.com/blogs/aws/rotate-your-ssl-tls-certificates-now-amazon-rds-and-amazon-aurora-expire-in-2024/

Just follow it and you'll be all good!



profile pictureAWS
con risposta un mese fa
profile picture
verificato un mese fa
  • Thanks for the comment, Didier. I have seen the blog, and believe the process of updating the cert will be straight forward, but dealing with a paranoid (and I mean that in a good sense) CTO who wants to ensure we can rollback to our current know working position if something goes pear shaped.



Old RDS instance will remains with* Old SSL certificate***, Restarting an existing RDS instance, even after a shutdown, will not change its currently assigned SSL/TLS certificate.

  • If your development/test RDS instances are using the rds-ca-2019 certificate, restarting them will keep the same certificate.
  • Launching a new RDS instance from a snapshot of the old instance will also create a new instance with the same rds-ca-2019 certificate (assuming the snapshot captured the configuration).
profile picture
con risposta un mese fa
  • Thanks for the comment, GK, but I find that when I take a snapshot and restore it, it is using the new certificate. It would be good to be able to recover a snapshot so that it has the current certificate as it will allow for creating a testing environment. How do I do this?

Accesso non effettuato. Accedi per postare una risposta.

Una buona risposta soddisfa chiaramente la domanda, fornisce un feedback costruttivo e incoraggia la crescita professionale del richiedente.

Linee guida per rispondere alle domande