Keycloak ECS unable to connect AWS Aurora over SSL

Hi, I’m looking to run keycloak doker on AWS ECS with RDS Aurora as database. in this case I unable to connect database over SSL, trying to up container using 8443 port, If we used 8080 port database connection get success.

I used below Environment Variables:
JDBC_PARAMS : enabledTLSProtocols=TLSv1.2
and DB Connection related params

Any help would be appreciated.

Thank You

Make sure you are using the latest CA RDS cert and you have opened sec. group properly. Ref:

Thanks for the reply jangaraj, we are using latest aurora version

Latest Aurora version != latest CA certificates


Its already rds-ca-2019

Hi, I’m having almost the exact same issue as you and have not been able to find a solution. Have you by any chance been able to find a solution to this problem?

Had the same issue, and seemed to find that RDS/Aurora uses old TLS versions… had to drop the version spec and include useSSL=true + trustServerCertificate=true.

Note: I used mariadb connector.

Thank you your answer @deadlysyn! I can confirm that this also works for me.
What I don’t really understand about this whole thing is that as far as I can figure out RDS/Aurora should support TLSv1, TLSv1.1 and TLSv1.2 which I understand that the MySQL connector that the Keycloak Docker image uses should also support…