2
votes

As part of AWS's standard maintenance, everyone using RDS should update their SSL/TLS by 2/5/2020. I don't use SSL/TLS keys for my personal project, and I understand we still need to rotate the certs if you do not wish to restart.

From AWS docs:

I don’t use SSL/TLS, can I rotate the certificate without restarting my database?

If you do not want to restart your database, you can use a new CLI option for the modify-db-instance CLI command (--no-certificate-rotation-restart) specifically to rotate and stage the new certificates on the database host to avoid a restart. However, new certificates will be picked up by the database only when a planned or unplanned database restart happens.

So I tried the command:

aws rds modify-db-instance --db-instance-identifier my-instance-1 --ca-certificate-identifier rds-ca-2019 --no-certificate-rotation-restart --region us-east-1

This is what I get in the output:

Unknown options: --no-certificate-rotation-restart

I have the latest awscli:

awscli==1.16.314

1 Answer

3
votes

You can check the supported options with:

aws rds modify-db-instance help

If --no-certificate-rotation-restart is not supported, you need to upgrade your AWS CLI:

pip3 install awscli --upgrade

Refer: https://docs.aws.amazon.com/cli/latest/userguide/install-cliv1.html
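
The check-then-run procedure from the answer, written as a shell preflight (an added example, not part of the original post and not AWS's own tooling). The function names are hypothetical; the flag and CA identifier are the ones from the question.

```shell
# Preflight for staging a new RDS CA certificate without a restart.
# Function names are hypothetical; FLAG is the option quoted in the question.
FLAG="--no-certificate-rotation-restart"

# Rendered help text can carry terminal formatting (SGR escapes, backspace
# overstrike); strip it so a plain-text match on the option name is reliable.
strip_formatting() {
    esc=$(printf '\033'); bs=$(printf '\b')
    sed -e "s/${esc}\[[0-9;]*m//g" -e "s/.${bs}//g"
}

# Return 0 if the installed CLI documents the option for modify-db-instance.
cli_supports_flag() {
    aws rds modify-db-instance help 2>/dev/null | strip_formatting | grep -qF -e "$1"
}

# Stage the new CA without a restart, but only when the CLI knows the option.
# Usage: rotate_ca_without_restart <db-instance-id> <ca-id> <region>
rotate_ca_without_restart() {
    if ! cli_supports_flag "$FLAG"; then
        echo "installed CLI ($(aws --version 2>&1)) does not list $FLAG;" \
             "upgrade it before retrying" >&2
        return 2
    fi
    aws rds modify-db-instance --db-instance-identifier "$1" \
        --ca-certificate-identifier "$2" "$FLAG" --region "$3"
}

# List instances whose reported CA identifier differs from the expected one,
# so instances that were missed are visible after the change.
# Usage: instances_not_on_ca <ca-id> <region>
instances_not_on_ca() {
    aws rds describe-db-instances --region "$2" --output text \
        --query 'DBInstances[].[DBInstanceIdentifier,CACertificateIdentifier]' |
        awk -v ca="$1" '$2 != ca { print $1 }'
}
```

Call `rotate_ca_without_restart my-instance-1 rds-ca-2019 us-east-1`; a return code of 2 means the CLI needs upgrading before the command can work.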