Hi,
If you open the AWS console and navigate to RDS you will see Certificate Update as the last entry in the menu on the left side. This will open a list of all RDS instances still running with a certificate signed by the expired CA.
There you will also find a link to the documentation of RDS (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL-certificate-rotation.html) and Aurora (http://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.SSL-certificate-rotation.html) regarding the CA rotation.
This pages also contain sample scripts for adding the new CA bundles to the trust store of Linux or macOS.
The URL for the new CA certificate bundle is: https://truststore.pki.rds.amazonaws.com/global/global-bundle.pem
Relevant questions
Aws Rds Setup With Phpmyadmin with snn
asked 8 months agoRDS - rds-ap-east-1 ssl bundle certificate expired
asked 2 months agoUnable to connect to DocumentDB via SSL from Node Mongoose
asked 3 years agoHow can I connect Google Data Studio to an Private AWS RDS Postgres instance?
asked 2 months agoobtaining Timeout expired while connecting from pgadmin to RDS postgres db instance
asked 2 days agoHow to create SSL dblink connection from RDS to postgres on premise?
asked 6 months agoRDS and SSL/TLS Certificates
Accepted Answerasked 3 years agoRDS SSL error
asked 3 years agoI cannot get my SSL Certificate to show installed.
asked 2 months agoJDBC and RDS PostgreSQL TLS Encryption connection problem
asked 2 months ago
There is no 'Certificate Update' on ap-east-1 RDS left side menu. To update the cert authority in ap-east-1, will need to modify the instance. which is the step 'Updating your CA certificate by modifying your DB instance' from http://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.SSL-certificate-rotation.html