平安云|Ping An Cloud- Building Your Smart Future

Relational Database Service

This article describes how to enable SSL encryption. Overview SSL (Secure Sockets Layer) encryption can encrypt the network connection in the transmission layer. In order to enhance security of data transmission link, you can enable SSL encryption to improve the security and integrity of communication data. But the response time of network connection will increase after SSL encryption is enabled. A general instance and read-only instance support enabling SSL encryption. Prerequisites You have successfully created an instance. For more information, see <a href="http://pinganyun.com/ssr/help/database/RDS/User_Guide_RDS_MySQL.Instance_Management.Create_Instance.Create_Common_Instance" target="_blank">Create a General Instance</a>, <a href="http://pinganyun.com/ssr/help/database/RDS/User_Guide_RDS_MySQL.Instance_Management.Create_Instance.Create_Slave_Instance" target="_blank">Create a Remote Disaster Recovery Instance</a> or <a href="http://pinganyun.com/ssr/help/database/RDS/User_Guide_RDS_MySQL.Instance_Management.Create_Instance.Create_Read_Only_Instance" target="_blank">Create a Read-only Instance</a>. Usage Guidelines <ul> <li>Enabling SSL encryption of general instances will lead to restarting the general instances created by your account. The instances will be restarted at the same time as you create a disaster recovery instance.</li> <li>SSL Encryption of read-only instances can be enabled independently from that of the general instances.</li> <li>SSL Encryption of citywide read-only instances and remote read-only instances can be enabled separately.</li> <li>Enabling SSL Encryption of citywide read-only instances only leads to restarting citywide read-only instances; enabling SSL encryption of remote read-only instances only leads to restarting remote read-only instances.</li> <li>You enable SSL Encryption in the console. It only means that Ping An Cloud provides SSL encryption. When connecting to RDS MySQL instances, you can select whether to enable SSL encryption. If you want to enable it, you need to download a certificate in the console. If not, you do not need to download a certificate and just connect to the instances as normal.</li> <li>Due to inherent defect of SSL encryption, enabling SSL encryption may significantly increase the CPU usage. We recommend that you perform the task with caution.</li> </ul> Procedures 1.  Log in to the <a href="http://pinganyun.com/console/rds/overview" target="_blank">RDS Console</a>. 2.  In the left navigation pane, click RDS-MySQL to enter the DBPaaS for RDS-MySQL page. 3.  Select the target region. 4.  In the Operations column of the target instance, click Manage. Select White List tab. 5.  In the SSL Setting area, switch on Enable SSL Encryption to enter Enable SSL Encryption page. <img src="https://obs-cn-shanghai.yun.pingan.com/pcp-portal/20200307170823-13d70edd9d1c.png" style="height:213px; width:830px" /> 6.  Select an effective time. Currently it supports one month, six months, one year, three years, and ten years. One year is the default value. <img src="https://obs-cn-shanghai.yun.pingan.com/pcp-portal/20200307170852-11cf6880919f.png" style="height:278px; width:758px" /> 7.  Click Save to enter the Verification Code page. 8.  The system will send a verification code to the mobile phone that is bound to the account. Fill in the verification code and click Confirm. 9.  The Status of the target instance is Restarting. Result <ul> <li>The Status of the target instance is Running.</li> <li>In the Operations column of the target instance, click Manage. Select White List tab. In the SSL Setting area, you can view SSL Encryption is enabled and Status is Encrypted and also view the effective time of SSL encryption.</li> </ul> <img src="https://obs-cn-shanghai.yun.pingan.com/pcp-portal/20200307170915-11d419b49bf9.png" style="height:230px; width:830px" />

Did the above content solve your problem? Yes No