Help Center/ TaurusDB/ User Guide/ Security and Encryption/ Configuring SSL for a DB Instance
Updated on 2025-08-21 GMT+08:00

Configuring SSL for a DB Instance

Secure Socket Layer (SSL) is an encryption-based Internet security protocol for establishing secure links between a server and a client. It provides privacy, authentication, and integrity to Internet communications. SSL:

  • Authenticates users and servers, ensuring that data is sent to the correct clients and servers.
  • Encrypts data, preventing it from being intercepted during transmission.
  • Ensures data integrity during transmission.

By default, SSL is enabled for new DB instances. Enabling SSL increases the network connection response time and CPU usage, and you are advised to evaluate the impact on service performance before enabling SSL.

You can use a client to connect to your DB instance through a non-SSL or SSL connection.

  • If SSL is enabled for your DB instance, you can connect to your DB instance using SSL, which is more secure.
  • If SSL is disabled, you can only connect to your DB instance using a non-SSL connection.

Constraints

Enabling or disabling SSL will reboot the instance immediately. During the reboot, the instance is unavailable. Rebooting an instance will clear the cached memory in it. You are advised to reboot it during off-peak hours.

Disabling SSL

  1. Log in to the management console.
  2. Click in the upper left corner and select a region and project.
  3. Click in the upper left corner of the page and choose Databases > TaurusDB.
  4. On the Instances page, click the instance name to go to the Basic Information page.
  5. In the Configuration area, click under SSL.
  6. In the displayed dialog box, click OK.

    Figure 1 Disabling SSL

  7. After a while, check the SSL status on the Basic Information page. It is disabled.

Downloading an SSL Certificate

  1. Log in to the management console.
  2. Click in the upper left corner and select a region and project.
  3. Click in the upper left corner of the page and choose Databases > TaurusDB.
  4. On the Instances page, click the instance name to go to the Basic Information page.
  5. In the Configuration area, click Download under SSL.
  6. Download Certificate Download.zip, and obtain the root certificate ca.pem and bundle ca-bundle.pem from the package.