Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Encrypted communication using rds-ca-2015 certificates may interrupt the connectivity between Deep Security Manager and AWS RDS

    • Updated:
    • 17 Jan 2020
    • Product/Version:
    • Deep Security 10.0
    • Deep Security 11.0
    • Deep Security 12.0
    • Platform:
    • N/A
Summary

AWS made the announcement that the old certificates (rds-ca-2015) will expire on March 5, 2020. Using these old certificates may cause an interruption of connectivity between Deep Security Manager (DSM) and your Amazon RDS DB instances, if the communication between the Deep Security Manager and the RDS is encrypted.

Details
Public

By default, communication between the Deep Security Manager and the database is not encrypted. See this Help Center article for more details: Encrypt communication between the Deep Security Manager and the database.

In case the encryption between the manager and RDS is enabled, it is strongly recommended to follow the instructions provided by AWS to ensure your RDS has the latest CA certificates. For the detailed procedure to update RDS database instances, refer to this AWS document: Rotating Your SSL/TLS Certificate.

​​
 
It is recommended to back up your database before replacing your CA certificate. Replacing it may cause outage. We suggest to carefully follow the AWS user guide to prevent any unexpected issues.
Premium
Internal
Rating:
Category:
Troubleshoot
Solution Id:
000237387
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.