By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Why is the RDS Certificate authority default still the rds-ca-2019?

0

When provisioning an RDS instance with MariaDB through the AWS Console or CloudFormation, the default certificate authority is set to "rds-ca-2019". It's important to note that this certificate is set to expire on August 22nd, 2024. Prior to this expiration date, it will be necessary to initiate a reboot. If not done manually, AWS will automatically reboot the instance to apply a newer certificate. It raises the question: Why isn't a certificate with a longer validity period set as the default? This would eliminate the need for an additional reboot shortly after the RDS instance is created.

Topics
Database
Tags
MariaDB
Language
English
Mokit
asked 7 months ago908 views
1 Answer
0

You will have to set the accounts/regions default certificate using the following process for all new created instances going forward.

https://docs.aws.amazon.com/cli/latest/reference/rds/modify-certificates.html

When provisioning you can also define the SSL certificate during creation.

profile picture
EXPERT
Gary Mclean
answered 7 months ago
profile pictureAWS
EXPERT
Jose Guay
reviewed 7 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content