How do I upgrade an RDS Postgres instance with expired CA?

0

I'm trying to upgrade the engine version on an old RDS Postgres instance. My modification fails, because the old certificate authority (rds-ca-2015) is not found.

Is there a way around it?

Error Screenshot

Nick
asked 4 months ago265 views
1 Answer
2
Accepted Answer

Hello.

How about trying to change only the RDS certificate using the following command with the AWS CLI?
Please note that "rds-ca-2019" will expire in 2024.
https://aws.amazon.com/jp/blogs/aws/rotate-your-ssl-tls-certificates-now-amazon-rds-and-amazon-aurora-expire-in-2024/

aws rds modify-db-instance \
          --db-instance-identifier <yourdbinstance> \
          --ca-certificate-identifier rds-ca-rsa2048-g1 \
          --apply-immediately
profile picture
EXPERT
answered 4 months ago
profile picture
EXPERT
reviewed 2 months ago
profile pictureAWS
EXPERT
reviewed 4 months ago
  • Updating only the CA has helped. Thank you!

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions