Posted On: Jan 13, 2023

Amazon Relational Database Service (Amazon RDS) has new certificate authorities with 40 year and 100 year validity. SSL/TLS certificates enable secure communication between your clients and databases.

Administrators can control which certificate their organization uses by setting a default certificate per account with a choice of RSA 2048, RSA4096, and ECC384. When provisioning and modifying a database instance you can also specify which certificate you would like to use. Certificates can be changed via the console, or CLI, immediately or schedule in your next maintenance window.

This feature is now available in all AWS Regions and AWS GovCloud (US) Regions. You can find more information about SSL/TLS certificates and certificate controls in the Amazon RDS User Guide.