A Windows System Admin's Blog

Covering Server Administration, Endpoint Management, Scripting and Network Management

Power BI Gateway SSL Issues with managed AWS RDS SQL Server instances

, ,

I had a customer call up and explain their Power BI reports had stopped working, they’re not managed so after working a few things out we got to work and jumped into their Datawarehouse environment in AWS.

After a quick look we could see that their RDS SQL Server instance had TLS turned on and that no one had managed or bothered to rotate the certificate which had now expired. This is a very quick and painless process (since it’s a managed instance) and simply requires a reboot. Once loaded, refreshing a report would result in an error of Something went wrong, and looking in the details we could see The certificate chain was issued by an authority that is not trusted.

You also need to ensure to load the AWS RDS Root certificates onto their Power BI Gateway and Reporting server, downloading them from AWS here and then loading them into the trusted certificate authority in the Windows Certificate store. Once done, we could see reports refreshing and pulling data as expected.

Moral of the story? Just because it’s managed doesn’t mean it’s set and forget…

2 responses to “Power BI Gateway SSL Issues with managed AWS RDS SQL Server instances”

  1. Desain Avatar
    Desain

    Thanks for sharing! Do you usually recommend setting up monitoring or alerts to catch RDS certificate expiry before it causes outages like this?

    Reply
    1. John Avatar
      John

      Definitely something you can do. It also shows the expiry in the RDS dashboard, so it’s hard to miss.

      Reply

Leave a Reply

More Posts

Bad Image Error when installing CrowdStrike sensor on Amazon WorkSpaces

Long time since I’ve posted – I promise I’ve been very busy with life. I was recently assisting a customer with a CrowdStrike Falcon Sensor deployment and we were in the process of updating the gold images in their VDI platform, Amazon WorkSpaces.  CrowdStrike have a nice installation document on their website that you can […]

Using HP Intelligent Management Center (IMC) to push out configuration changes to your Network Switches

I’m currently consulting out at a school and implementing some changes for their environment, one of which is tightening up their networking environment seeing as I don’t want to remote into 60 odd switches to make changes to each of them we can use HP’s Intelligent Management Center (which schools generally get on the cheap).  […]

Bypass Windows 11 TPM Setup Checks

Quick one – I’m doing some testing in my home lab environment with Windows 11 and this box doesn’t have a TPM (so it’s not enabled in Hyper-V). Booting up the Windows 11 iso and trying to install will tell you that it’s unsupported. To get around that, load the setup as normal and once […]