Configuring an SSL Connection

Secure Socket Layer (SSL) is an encryption-based Internet security protocol for establishing an encrypted link between a server and a client. It provides authenticated Internet connections to ensure the privacy and integrity of online communications. SSL:

Authenticates users and servers, ensuring that data is sent to the correct clients and servers.
Encrypts data, preventing it from being intercepted during transmission.
Ensures data integrity during transmission.

Clients using versions earlier than 5.1 have SSL compatibility issues. By default, SSL is disabled for new RDS for MySQL instances. If your client has no SSL compatibility issues, you can enable SSL by referring to Enabling SSL. Enabling SSL will increase the network connection response time and CPU resource consumption. Before enabling it, evaluate any potential impacts on service performance.

You can connect to a DB instance through a client using an SSL or non-SSL connection.

If SSL is enabled, you can connect to the instance using an SSL or non-SSL connection. The SSL connection encrypts data and is more secure.
If SSL is disabled, you can only connect to the instance using a non-SSL connection.

Enabling or disabling SSL will cause DB instances to reboot and interrupt connections. Exercise caution when performing this operation.

To enhance security, the cipher suite ECDHE-RSA-AES128-GCM-SHA256, ECDHE-RSA-AES256-GCM-SHA384, DHE-RSA-AES128-GCM-SHA256, or DHE-RSA-AES256-GCM-SHA384 is recommended for SSL connection. To use these cipher suites, contact customer service to configure the ssl_cipher parameter.

Enabling SSL

Log in to the management console.
Click in the upper left corner and select a region.
Click in the upper left corner of the page and choose Databases > Relational Database Service.
On the Instances page, click the target instance name.
On the Overview page, find SSL and click Enable.
In the displayed dialog box, click OK.
Wait for some seconds and check that SSL has been enabled on the Overview page.

Disabling SSL

Log in to the management console.
Click in the upper left corner and select a region.
Click in the upper left corner of the page and choose Databases > Relational Database Service.
On the Instances page, click the target instance name.
On the Overview page, find SSL and click Disable.
In the displayed dialog box, click OK.
Wait for some seconds and check that SSL has been disabled on the Overview page.

Parent Topic: Security and Encryption

Previous topic: Performing a Server-Side Encryption

Next topic: Configuring the TDE Function

Feedback

Was this page helpful?

Helpful Not helpful

Provide feedback

Thank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.

The system is busy. Please try again later.

Which of the following issues have you encountered?

Content is inconsistent with the product UI

Unclear descriptions

Lack of examples or code

Incorrect steps

Can't find what I need

Lack of best practices

Feedback (optional)

0/500

Select at least one type of issue, and enter your comments or suggestions.

Enter a maximum of 500 characters.

Submit Cancel

For any further questions, feel free to contact us through the chatbot.

Chatbot