Kony Cloud hosted database SSL certificate-authority (CA) certificate rotation

The current Kony Cloud hosted database certificate-authority (CA) certificate expires on March 5, 2020. CA certificate verification is usually strictly enforced when SSL/TLS is enabled. The Kony Cloud systems will be updated, but if customers are connecting to a hosted database from an on-premise application or client using SSL, and validating the SSL certificate, then customers will need to add the updated certificates to the local TrustStore for Java, or add to the certificate store for other application types.

How do I know if on-premise database clients or applications are affected?

If on-premise applications do not use SSL/TLS to connect to a Kony Cloud hosted database instance, or if on-premise applications do not require server certificate validation, then this change should not impact connectivity.

Customers’ on-premise applications or on-premise clients that connect to a Kony hosted MySQL database and that use SSL/TLS with certificate validation will be affected by this change.

Customers should consult local on-premise application technical support team to verify if the SSL certificate update affects on-premise applications. Customers must determine if on-premise applications require the new CA certificate to avoid connection issues from an on-premise client, including laptops, that are using SSL connections to communicate to a Kony Cloud hosted database.

Customers can download the new CA root certificate, and the intermediate certificates if required, from here: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL.html

While customers’ on-premise application code should not require any changes, the updated certificates should be added to existing certificate stores before March 5th. The existing certificates can be removed after March 7th.

The certificate updates will begin on March 4th before expiration of the current certificate on March 5th 09:00 UTC. The updates will be applied off-hours and will incur a service interruption of less than 2 minutes.

In general, maintenance is designed to mitigate disruptions to service availability and performance for the impacted Cloud services. However, it is possible for the impacted Cloud services to be unavailable and/or performance degraded for a short period of time during the maintenance window.

General Information

• App (Server) and Sync service upgrades: If you have a Cloud containing either of these services and wish to upgrade, please open a support case and specify the desired version(s) as well as your desired maintenance window(s) for when we can apply the upgrade(s).
• Hotfix and support end of life for older versions of the platform: For more information, please review our EOL announcements page within Base Camp. If you would be interested in assistance with scheduling your upgrades, we recommend that you review our Premier upgrade program.
• Additional questions: We encourage you to visit Base Camp.