> For the complete documentation index, see [llms.txt](https://upsolver.gitbook.io/content/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://upsolver.gitbook.io/content/reference-1/sql-commands/connections/cdc-connections-with-ssl.md). # CDC Connections with SSL To connect to a database hosted on AWS RDS using SSL, please follow these steps: ### 1. Download a PEM file The first step is to download a Private Enhanced Mail (PEM) file to your workstation. If using AWS RDS certificates, the PEM file will contain the certificate bundle for the AWS Region that hosts your database, and is available from AWS here: If using your own certificates, download a copy to your workstation. *** ### 2. Convert the PEM file to JKS Next, convert your PEM file into a JKS file by following the scripted instructions referenced here: *** ### 3. Add the file to the server The next step is to add the JKS file as a server file to be copied to the compute and API cluster containers on each launch. To run this script you will need an API token to be generated to allow you to authenticate to your Upsolver deployment. Please read the guide on how to [Enable API Integration](/content/how-to-guides-1/setup/enable-api-integration.md) for generating an API token The following script can be run locally on any workstation that has access to the file, and permissions within Upsolver to modify cluster parameters: #### Compute cluster {% code overflow="wrap" %} ``` echo {} | jq '{ clazz: "ModifyServerFile", serverFile: { name: "global_bundle.jks", "path": "/opt/global_bundle.jks", "content": $file1 } }' --arg file1 $(cat | base64) | http PATCH "https://api.upsolver.com/environments//" "Authorization: $(cat )" "X-Api-Impersonate-Organization: " ``` {% endcode %} #### API cluster {% code overflow="wrap" %} ``` echo {} | jq '{ clazz: "ModifyServerFile", serverFile: { name: "global_bundle.jks", "path": "/opt/global_bundle.jks", "content": $file1 } }' --arg file1 $(cat | base64) | http PATCH "https://api.upsolver.com/environments//" "Authorization: $(cat )" "X-Api-Impersonate-Organization: " ``` {% endcode %} *** ### 4. Contact Upsolver support Finally, please contact [Upsolver support](https://support.upsolver.com) to have back end configurations set to force SSL connections using the **global\_bundle.jks** file created in [Step 3](#id-3.-add-the-file-to-the-server). An example of the configuration parameters is shown below: ``` { "database.ssl.mode" : "required", "database.ssl.truststore" : "/opt/global_bundle.jks", "database.ssl.truststore.password": "" } ``` The **truststore** file should be the file you created in [Step 3](#id-3.-add-the-file-to-the-server), and the **password** will be the password used when creating the JKS file in [Step 2](#id-2.-convert-the-pem-file-to-jks). --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter: ``` GET https://upsolver.gitbook.io/content/reference-1/sql-commands/connections/cdc-connections-with-ssl.md?ask=&goal= ``` `ask` is the immediate question: it should be specific, self-contained, and written in natural language. `goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.