Help Center/ Relational Database Service_RDS for MySQL/ User Guide/ Instance Connection/ Connection Management/ Configuring a Certificate
Updated on 2025-08-20 GMT+08:00
View PDF
Share

Configuring a Certificate

RDS allows you to reset and download a certificate.

Contact customer service to apply for the required permissions.

Procedure

  1. Click in the upper left corner and select a region.
  2. Click in the upper left corner of the page and choose Databases > Relational Database Service.
  3. On the Instances page, click the target instance name to go to the Overview page.
  4. Under SSL, click Update.

    Alternatively, choose Connectivity & Security from the navigation pane. In the Connection Information area, click Update next to the SSL field.

  5. In the displayed dialog box, select the target certificate and click OK.

    Updating a certificate will cause the DB instance to reboot.

  6. View the update result on the Overview page.
  1. Click in the upper left corner and select a region.
  2. Click in the upper left corner of the page and choose Databases > Relational Database Service.
  3. On the Instances page, click the target instance name to go to the Overview page.
  4. Click Download under SSL to download Certificate Download.zip, and extract the root certificate ca.pem and bundle ca-bundle.pem from the package.

    Alternatively, choose Connectivity & Security from the navigation pane. In the Connection Information area, click next to the SSL field to download the root certificate or certificate bundle.

    • You can also download the certificate bundle, which contains both the new certificate provided since April 2017 and the old certificate.
    • TLS v1.2 or later is recommended. Versions earlier than TLS v1.2 have security risks. You can change the value of loose_tls_version to set the protocol version. For details, see Modifying Parameters of an RDS for MySQL Instance.

Parent Topic: Connection Management