Need time estimate to update SQL Server RDS certificate

0

Our production database is residing on a SQL Server Standard Edition RDS which is going to expire soon. The production database size is more than 1 TB, we cannot have long down time because the users are working on website 24x7.

How much time can we tell our customers as down time to finish certificate update successfully? It is mentioned at many places that RDS DB instances having large databases require more time for the certificate update. A time estimation for updating RDS certificate will help us plan better and inform our customers upfront about the downtime.

Please suggest.

2回答
0

Hello.

The following document describes how to check if a restart occurs.
Run the AWS CLI and check if a reboot occurs.
If the value of "SupportsCertificateRotationWithoutRestart" is false, a restart will occur, so I think there will be downtime.
https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL-certificate-rotation.html#UsingWithRDS.SSL-certificate-rotation-considerations

Modify the DB instance or Multi-AZ DB cluster to change the CA from rds-ca-2019 to rds-ca-rsa2048-g1. To check if your database requires a restart to update the CA certificates, use the describe-db-engine-versions command and check the SupportsCertificateRotationWithoutRestart flag.

Although it is not SQLserver, when I updated the RDS MySQL certificate in the past, it was completed in about 30 seconds.(Changing the certificate took 30 seconds and the downtime was about 10 seconds.)
Maybe it was because we were using a multi-AZ configuration, but the downtime wasn't that long.
However, in the case of SQLserver, the situation may be different, so I recommend that you create a test environment and check it before executing it in the production environment.

profile picture
エキスパート
回答済み 2ヶ月前
0

I have done this 15 times recently for a client and MS SQL Server took about 5 - 10 mintues to complete but was Single AZ as we were upgrading from 2016 to 2022 before going back to Multi Az

profile picture
エキスパート
回答済み 2ヶ月前

ログインしていません。 ログイン 回答を投稿する。

優れた回答とは、質問に明確に答え、建設的なフィードバックを提供し、質問者の専門分野におけるスキルの向上を促すものです。

質問に答えるためのガイドライン

関連するコンテンツ