diff --git a/builtin/logical/database/backend.go b/builtin/logical/database/backend.go
index 7c0fc3fc5a0b..f3ad3fc86f31 100644
--- a/builtin/logical/database/backend.go
+++ b/builtin/logical/database/backend.go
@@ -315,7 +315,7 @@ func (b *databaseBackend) clearConnection(name string) error {
 func (b *databaseBackend) CloseIfShutdown(db *dbPluginInstance, err error) {
 	// Plugin has shutdown, close it so next call can reconnect.
 	switch err {
-	case rpc.ErrShutdown, v4.ErrPluginShutdown:
+	case rpc.ErrShutdown, v4.ErrPluginShutdown, v5.ErrPluginShutdown:
 		// Put this in a goroutine so that requests can run with the read or write lock
 		// and simply defer the unlock.  Since we are attaching the instance and matching
 		// the id in the connection map, we can safely do this.
diff --git a/builtin/logical/database/path_creds_create.go b/builtin/logical/database/path_creds_create.go
index d4fbca6c39d1..020afc4c038c 100644
--- a/builtin/logical/database/path_creds_create.go
+++ b/builtin/logical/database/path_creds_create.go
@@ -92,6 +92,7 @@ func (b *databaseBackend) pathCredsCreateRead() framework.OperationFunc {
 
 		password, err := dbi.database.GeneratePassword(ctx, b.System(), dbConfig.PasswordPolicy)
 		if err != nil {
+			b.CloseIfShutdown(dbi, err)
 			return nil, fmt.Errorf("unable to generate password: %w", err)
 		}
 
diff --git a/changelog/12087.txt b/changelog/12087.txt
new file mode 100644
index 000000000000..9141739c29d9
--- /dev/null
+++ b/changelog/12087.txt
@@ -0,0 +1,3 @@
+```release-note:bug
+secrets/database: Fixed an issue that prevented external database plugin processes from restarting after a shutdown.
+```