Skip to Content

Configure Jump Server to use SSL for AWS RDS

How to configure Ezeelogin Jump Server to use SSL for AWS RDS database connection?

Refer this article to set up AWS RDS .
You can download certificates for using SSL in AWS RDS from here .

1. Move certificates to a directory and specify them in the below steps.

2. Try connecting RDS with SSL using the below command.

root@localhost ~]# mysql -h mysql–instance1.123456789012.us-east-1.rds.amazonaws.com --ssl-ca= /path_of_cert_file/rds-combined-ca-bundle.pem -P 3306 -u mymasteruser -p

3. Append below lines in /usr/local/etc/ezlogin/ez.conf file and specify the path of cert to use SSL RDS with Ezeelogin.

root@localhost ~]# vim /usr/local/etc/ezlogin/ez.conf

mysql_encrypt yes
 
mysql_ssl_ca /path_of_cert_file/rds-combined-ca-bundle.pem

4. Try accessing GUI and Ezeelogin shell to confirm if its using RDS SSL.

5. Run below commands in RDS, if you got database error.

root@localhost ~]# mysql -h mysql–instance1.123456789012.us-east-1.rds.amazonaws.com -u mymasteruser -p

[Enter password]

mysql > grant all on ezlogin_databasename.* to 'mysql_username'@'%' identified by 'password' with grant option;

mysql > grant all on ezlogin_databasename.* to 'mysql_username'@'%' identified by 'password';

mysql > flush privileges;

mysql > exit