1

We recently changed our production RDS instance running MySQL to an encrypted one. I am not sure if the encryption caused the issue or anything else, but now we can't remote connect to the instance through workbench. The connection from our Php application which is hosted on EC2 server under the same account works fine. "REQUIRE SSL" is enabled in MySql. Connection through EC2 console using mysql command is working fine. Security group is setup correctly to allow traffic from our IP. The same AWS account has a dev RDS instance which is not encrypted and connection to that one works fine. Any ideas what the issue could be?

enter image description here

enter image description here

enter image description here

Improve this question

1 Answer 1

Reset to default
1

First up, what's an "encrypted one". Do you mean RDS using encrypted disk? Or do you mean requiring SSL connections? Did it used to work, in the same network? What exactly have you changed since it last worked?

A few things to check:

  • Did you tick the "allow public access" tick box when you created the instance?
  • Are your security group and routing rules set up correctly? NACLs?

This isn't a full answer, but it's too long for a comment. If you can edit your question to include a lot more detail we might be able to help. Screenshots of your RDS configuration, routing, and security groups might help if you think any of them are relevant.

I have a basic tutorial on setting up RDS here.

Improve this answer
4
  • Added 2 images.Please see the links. As a security meassure we were asked to use and encrypted RDS instance. So we created a new instance and selected "Encrypted" during the creation process. Yes, it used to work with the previous instance when it was not encrypted. And yes we are "requiring" SSL connections. Commented Aug 1, 2017 at 7:57
  • Publicly accessible is set to "no". Was that set to "yes" in the last instance? It doesn't automatically make a database public, you still need to allow traffic on security groups and you can limit it to specific IPs. Commented Aug 1, 2017 at 8:20
  • Damn.How did I miss that. You're the man. Thanks a lot. It worked. Commented Aug 1, 2017 at 12:26
  • Great :) When you're happy please select this as the answer, so others know they don't need to come in and try to solve the problem. Commented Aug 1, 2017 at 19:01

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.