Update Amazon RDS SSL/TLS Certificates by February 5th, 2020
Have you received such mail from the Amazon, then you need to act on it fast. But dont worry this mail isnt just for you, its for all those who have availed Amazon RDS SSL/TLS certificate and need to update the same before 5th February, 2020 in order to allow smooth functioning of the applications that use Secure Sockets Layer (SSL) or Transport Layer Security (TLS) to connect to your RDS and Aurora database instances.
Why the update?
You have an Amazon RDS database instance(s) in the US-WEST-2 region that needs to be taken care of. Now, in case your applications connect to those instances via SSL or TLS and the update isn’t made, it will create an upheaval to your applications as the Amazon RDS instances are going to expire soon.
To secure the communications, a time-bound certificate will be generated by Certificate Authority (CA), which will be checked by the database client software to validate any RDS database instance(s) before exchanging information. AWS regularly updates the CA certificate every 5 years to generate new certificates to ensure & protect the RDS customer connections over the succeeding years.
Client applications are requested at the earliest possible to add the new CA certificate (root & intermediate) wherever necessary to the stores, do ensure that the RDS database instances are using separate server certificates.
For all the RDS database instances generated before January 2020 are bound to use the new certificate, failing to do so, the client applications that aren’t updated to their trusted stores won’t be able to connect to any new instances. It is imperative that you adhere to the deadline before it causes any damage.
In case you are wondering how that needs to be done, we will be able to assist you through the entire process. Being the specialist of the domain we understand these updates and can fix this issue without any hassles. We do this by taking full feedback and understanding of your applications connected to RDS database instances via SSL & TLS. Based on the analysis we will determine the connectivity and update the client applications trust store with the revised CA certificates.
What can you avoid?
This message if your applications do not use SSL/TLS to connect. However, we strongly recommend based on our experience that its always the best practices to use SSL/TLS, hence, update the same as soon as possible.
You can always reach us via email [email protected] or drop us a message on the website or even get in touch with us via social media www.facebook.com/w3villa, https://in.linkedin.com/company/w3villa-technologies-private-limited