[RDS/Aurora] Use TLS with Route53-provided CNAME

1

We use a Route53-provided CNAME record to point to our database cluster in order to have easily-recognizable urls for our DBs and be able to perform migrations seamlessly (from the point of view of the app that relies on the database).

When using such a CNAME, is it possible to use TLS to connect to the database?

Topics

Migration & Modernization Analytics Database Networking & Content Delivery Internet of Things (IoT)

Tags

Amazon Relational Database Service Aurora PostgreSQL Amazon Route 53 Transport Layer Security (TLS)

Language

English

asked a year ago919 views

1 Answer

Newest
Most votes
Most comments

1

If you want TLS to be verified without warnings the name you are connecting to must match the name in the Cert. As such, using a CNAME will not work.

EXPERT

answered a year ago

Relevant content

Pointing an A Record and CNAME Record to WIX Not Working, A Record not propagating
AWS-User-6843969
asked 2 years ago
Multiple CNAME pointing to one CloudFront distribution
Accepted Answer
Arnav
asked 5 months ago
Route 53 DNS queries when CNAME points to an A record
Accepted Answer
AWS-User-7524022
asked 6 years ago
Change CNAME to point to a hosted server, using public IP address.
rePost-User-3433316
asked a year ago
How do I use logs to track activity in my Amazon Redshift database cluster?
AWS OFFICIALUpdated 3 months ago
How do I add and verify a domain to use with WorkMail?
AWS OFFICIALUpdated 2 years ago
Why is the CNAME record not resolving for my ACM issued certificate and the DNS validation status is still pending validation?
AWS OFFICIALUpdated a year ago
Why can’t I create a CNAME record in Route 53?
AWS OFFICIALUpdated a year ago
Workaround for CNAME to external web sites at the zone apex
EXPERT
slope roll
published 2 months ago
Using PowerCLI to import and export VMs with VMware Cloud on AWS
EXPERT
Patrick Kremer
published 7 months ago