You can call the ModifyDBInstanceSSL operation to modify the Secure Sockets Layer (SSL) encryption settings of an ApsaraDB for RDS instance.

This operation is used to configure SSL encryption for an instance.

  • This operation is supported for MySQL 5.6, MySQL 5.7 on RDS High-availability Edition with local SSDs, MySQL 8.0 on RDS High-availability Edition with local SSDs, all SQL Server versions and editions, and all PostgreSQL versions with standard or enhanced SSDs.
  • Read/write splitting endpoints do not support SSL encryption.


OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request parameters

Parameter Type Required Example Description
Action String Yes ModifyDBInstanceSSL

The operation that you want to perform. Set the value to ModifyDBInstanceSSL.

ConnectionString String Yes

The internal or public endpoint for which the SSL certificate needs to be created or updated.

  • Each instance can have only one endpoint protected by the SSL certificate.
  • ApsaraDB RDS for PostgreSQL only supports the SSLEnabled parameter. It does not support the ConnectionString parameter. You can set ConnectionString to any value.
DBInstanceId String Yes rm-uf6wjk5xxxxxxx

The ID of the instance.

SSLEnabled Integer No 1

Specifies whether to enable or disable SSL encryption. Valid values:

  • 1: enables SSL encryption.
  • 0: disables SSL encryption.

Response parameters

Parameter Type Example Description
RequestId String 777C4593-8053-427B-99E2-105593277CAB

The ID of the request.


Sample requests

http(s):// Action=ModifyDBInstanceSSL
&<Common request parameters>

Sample success responses

XML format


JSON format

    "requestId": "777C4593-8053-427B-99E2-105593277CAB"

Error codes

For a list of error codes, visit the API Error Center.