Enabling and Disabling SSL for a DB instance

Secure Socket Layer (SSL) is an encryption-based Internet security protocol for establishing secure links between a server and a client. It provides privacy, authentication, and integrity to Internet communications. SSL:

  • Authenticates users and servers, ensuring that data is sent to correct clients and servers.

  • Encrypts data to prevent data theft.

  • Ensures data integrity during transmission

SSL is disabled for new DDM instances by default. Enabling SSL will prolong network connection response and increase CPU usage. So, evaluate impacts on service performance before enabling SSL.

You can connect to a DDM instance from your client with two methods: using SSL connection or a non-SSL connection.

  • If SSL is enabled, you can connect to the instance using an SSL or non-SSL connection. SSL encrypts connections to the DB instance, making in-transit data more secure.

  • If SSL is disabled, you can only connect to the instance using a non-SSL connection.

     
    Important

    Enabling or disabling SSL will cause the instance to reboot immediately. During the reboot, the instance is unavailable. Rebooting an instance will clear its cache. To prevent traffic congestion during peak hours, you are advised to reboot it during off-peak hours.

Enabling SSL

  1. Log in to the DDM console.

  2. On the Instances page, locate the instance that you want to connect to and click its name.

  3. On the Basic Information page, at the Instance Information area, click image1 in the SSL field.

  4. In the displayed dialog box, click Yes.

  5. On the Basic Information page, view the results.

Disabling SSL

  1. Log in to the DDM console.

  2. On the Instances page, locate the instance that you want to connect to and click its name.

  3. On the Basic Information page, at the Instance Information area, click image2 in the SSL field.

  4. In the displayed dialog box, click Yes.

  5. On the Basic Information page, view the results.

Downloading the CA certificate

  1. Log in to the DDM console.

  2. On the Instances page, locate the instance that you want to connect to and click its name.

  3. On the Basic Information page, at the Instance Information area, click Download in the SSL field.

  4. Download the CA certificate.

last updated: 2025-04-08 09:04 UTC - commit: dfc9d8ad2b0dad4ee646c151aefe97075a21e596