Encrypted communication using rds-ca-2015 certificates may interrupt the connectivity between Deep Security Manager and AWS RDS

Product / Version includes:

Deep Security11.0 , Deep Security10.0 , Deep Security12.0

Last updated: 2021/08/28

Solution ID: KA-0010179

Category: Troubleshoot

Summary

AWS made the announcement that the old certificates (rds-ca-2015) will expire on March 5, 2020. Using these old certificates may cause an interruption of connectivity between Deep Security Manager (DSM) and your Amazon RDS DB instances, if the communication between the Deep Security Manager and the RDS is encrypted.

By default, communication between the Deep Security Manager and the database is not encrypted. See this Help Center article for more details: Encrypt communication between the Deep Security Manager and the database.

In case the encryption between the manager and RDS is enabled, it is strongly recommended to follow the instructions provided by AWS to ensure your RDS has the latest CA certificates. For the detailed procedure to update RDS database instances, refer to this AWS document: Rotating Your SSL/TLS Certificate.

It is recommended to back up your database before replacing your CA certificate. Replacing it may cause outage. We suggest to carefully follow the AWS user guide to prevent any unexpected issues.

Was this article helpful?

Featured

Automation Center

Education Portal

Online Help Center

Service Status

TrendConnect

Encrypted communication using rds-ca-2015 certificates may interrupt the connectivity between Deep Security Manager and AWS RDS

Encrypted communication using rds-ca-2015 certificates may interrupt the connectivity between Deep Security Manager and AWS RDS

Product / Version includes:

Summary