MySQL in RDS not enforcing SSL even when require_secure_transport parameter is set to true

Question

I have a MySQL instance in RDS and I have created a parameter group and set require_secure_transport parameter to 1. Since it's a dynamic parameter, I was expecting it to take effect automatically, but it didn't, even after 30 minutes. I tried restarting the database instance, even then when I connect from mysql CLI, it doesn't enforce. It just works fine without any SSL certificate. Where am I going wrong?

Thanks in advance.

Answer

Hi,

According to the [AWS documentation](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/mysql-ssl-connections.html#mysql-ssl-connections.require-ssl) and  [MySQL documentation](https://dev.mysql.com/doc/refman/8.0/en/server-system-variables.html#sysvar_require_secure_transport ), you must set the `require_secure_transport` parameter value to `ON` (Not  “1”) to require SSL/TLS for connections to your DB instance. Could you check it?

Answer

I have the same issue, and I have also rebooted the RDS instance.

SSL is not enforced when `require_secure_transport` is set to `1` ( which is `ON`).

Answer

Hello.  
As you recognize, it is a dynamic parameter, so I don't think a restart is necessary.  
https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/mysql-ssl-connections.html

Just to be sure, is the parameter group set in the RDS correct?  
Are you editing different parameter groups?

MySQL in RDS not enforcing SSL even when require_secure_transport parameter is set to true

Relevant content