diff --git a/testing/btest/Baseline/scripts.base.protocols.mysql.encrypted-aws-rds/tls-12.conn.log b/testing/btest/Baseline/scripts.base.protocols.mysql.encrypted-aws-rds/tls-12.conn.log
new file mode 100644
index 0000000000..922962669b
--- /dev/null
+++ b/testing/btest/Baseline/scripts.base.protocols.mysql.encrypted-aws-rds/tls-12.conn.log
@@ -0,0 +1,11 @@
+### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63.
+#separator \x09
+#set_separator	,
+#empty_field	(empty)
+#unset_field	-
+#path	conn
+#open XXXX-XX-XX-XX-XX-XX
+#fields	ts	uid	id.orig_h	id.orig_p	id.resp_h	id.resp_p	proto	service	duration	orig_bytes	resp_bytes	conn_state	local_orig	local_resp	missed_bytes	history	orig_pkts	orig_ip_bytes	resp_pkts	resp_ip_bytes	tunnel_parents
+#types	time	string	addr	port	addr	port	enum	string	interval	count	count	string	bool	bool	count	string	count	count	count	count	set[string]
+XXXXXXXXXX.XXXXXX	CHhAvVGS1DHFjwGM9	82.239.87.25	58132	79.107.90.25	3306	tcp	-	2.043921	724	3255	SF	-	-	0	ShAdDaFf	14	1460	11	3835	-
+#close XXXX-XX-XX-XX-XX-XX
diff --git a/testing/btest/Baseline/scripts.base.protocols.mysql.encrypted-aws-rds/tls-13.conn.log b/testing/btest/Baseline/scripts.base.protocols.mysql.encrypted-aws-rds/tls-13.conn.log
new file mode 100644
index 0000000000..4daf177fb5
--- /dev/null
+++ b/testing/btest/Baseline/scripts.base.protocols.mysql.encrypted-aws-rds/tls-13.conn.log
@@ -0,0 +1,11 @@
+### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63.
+#separator \x09
+#set_separator	,
+#empty_field	(empty)
+#unset_field	-
+#path	conn
+#open XXXX-XX-XX-XX-XX-XX
+#fields	ts	uid	id.orig_h	id.orig_p	id.resp_h	id.resp_p	proto	service	duration	orig_bytes	resp_bytes	conn_state	local_orig	local_resp	missed_bytes	history	orig_pkts	orig_ip_bytes	resp_pkts	resp_ip_bytes	tunnel_parents
+#types	time	string	addr	port	addr	port	enum	string	interval	count	count	string	bool	bool	count	string	count	count	count	count	set[string]
+XXXXXXXXXX.XXXXXX	CHhAvVGS1DHFjwGM9	82.239.87.25	57902	79.107.90.25	3306	tcp	-	6.756360	1076	3776	SF	-	-	0	ShAdDaFf	19	2072	14	4512	-
+#close XXXX-XX-XX-XX-XX-XX
diff --git a/testing/btest/Baseline/scripts.base.protocols.mysql.plain-aws-rds/mysql.log b/testing/btest/Baseline/scripts.base.protocols.mysql.plain-aws-rds/mysql.log
new file mode 100644
index 0000000000..16750ec8d8
--- /dev/null
+++ b/testing/btest/Baseline/scripts.base.protocols.mysql.plain-aws-rds/mysql.log
@@ -0,0 +1,14 @@
+### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63.
+#separator \x09
+#set_separator	,
+#empty_field	(empty)
+#unset_field	-
+#path	mysql
+#open XXXX-XX-XX-XX-XX-XX
+#fields	ts	uid	id.orig_h	id.orig_p	id.resp_h	id.resp_p	cmd	arg	success	rows	response
+#types	time	string	addr	port	addr	port	string	string	bool	count	string
+XXXXXXXXXX.XXXXXX	CHhAvVGS1DHFjwGM9	82.239.87.25	58514	79.107.90.25	3306	login	admin	T	0	-
+XXXXXXXXXX.XXXXXX	CHhAvVGS1DHFjwGM9	82.239.87.25	58514	79.107.90.25	3306	query	select @@version_comment limit 1	T	0	-
+XXXXXXXXXX.XXXXXX	CHhAvVGS1DHFjwGM9	82.239.87.25	58514	79.107.90.25	3306	query	select now()	T	0	-
+XXXXXXXXXX.XXXXXX	CHhAvVGS1DHFjwGM9	82.239.87.25	58514	79.107.90.25	3306	quit	(empty)	-	-	-
+#close XXXX-XX-XX-XX-XX-XX
diff --git a/testing/btest/Traces/mysql/plain-amazon-rds.trace b/testing/btest/Traces/mysql/plain-amazon-rds.trace
new file mode 100644
index 0000000000..fbe1149338
Binary files /dev/null and b/testing/btest/Traces/mysql/plain-amazon-rds.trace differ
diff --git a/testing/btest/Traces/mysql/tls-12-amazon-rds.trace b/testing/btest/Traces/mysql/tls-12-amazon-rds.trace
new file mode 100644
index 0000000000..d79fc71aeb
Binary files /dev/null and b/testing/btest/Traces/mysql/tls-12-amazon-rds.trace differ
diff --git a/testing/btest/Traces/mysql/tls-13-amazon-rds.trace b/testing/btest/Traces/mysql/tls-13-amazon-rds.trace
new file mode 100644
index 0000000000..617a1a95e0
Binary files /dev/null and b/testing/btest/Traces/mysql/tls-13-amazon-rds.trace differ
diff --git a/testing/btest/scripts/base/protocols/mysql/encrypted-aws-rds.test b/testing/btest/scripts/base/protocols/mysql/encrypted-aws-rds.test
new file mode 100644
index 0000000000..fa1f43d0ed
--- /dev/null
+++ b/testing/btest/scripts/base/protocols/mysql/encrypted-aws-rds.test
@@ -0,0 +1,19 @@
+# Just two traces with MySQL running in Amazon RDS tls1.3 and tls1.2
+
+# @TEST-EXEC: zeek -b -r $TRACES/mysql/tls-12-amazon-rds.trace %INPUT
+# @TEST-EXEC: mkdir tls-12 && mv *log tls-12
+#
+# @TEST-EXEC: zeek -b -r $TRACES/mysql/tls-13-amazon-rds.trace %INPUT
+# @TEST-EXEC: mkdir tls-13 && mv *log tls-13
+#
+# @TEST-EXEC: btest-diff tls-12/conn.log
+# #TEST-EXEC: btest-diff tls-12/ssl.log
+# #TEST-EXEC: btest-diff tls-12/x509.log
+#
+# @TEST-EXEC: btest-diff tls-13/conn.log
+# #TEST-EXEC: btest-diff tls-13/ssl.log
+# #TEST-EXEC: ! test -f tls-13/x509.log
+
+@load base/protocols/conn
+@load base/protocols/mysql
+@load base/protocols/ssl
diff --git a/testing/btest/scripts/base/protocols/mysql/plain-aws-rds.test b/testing/btest/scripts/base/protocols/mysql/plain-aws-rds.test
new file mode 100644
index 0000000000..c0b6433514
--- /dev/null
+++ b/testing/btest/scripts/base/protocols/mysql/plain-aws-rds.test
@@ -0,0 +1,7 @@
+# Running with mysql --skip-ssl...
+
+# @TEST-EXEC: zeek -b -r $TRACES/mysql/plain-amazon-rds.trace %INPUT
+#
+# @TEST-EXEC: btest-diff mysql.log
+
+@load base/protocols/mysql