• Topic
  • Discussion
  • UdaWikiWeb.ConfigureSQLSSL(Last) -- Owiki? , 2018-12-18 09:53:54 Edit owiki 2018-12-18 09:53:54

    Force SSL Data Encryption on Database Connections to Microsoft SQL Server

    This setup is not necessary for connections to Microsoft SQL Server instances which are configured to demand SSL connections from clients; such demands are handled automatically by the drivers.Note that SSL connections are never supported by Microsoft SQL Server 7 or earlier, nor when using TDS Version 7.0 or 4.2.

    Single-Tier (Express Edition) ODBC Drivers (Mac & Windows)

    1. Log in to the machine that hosts OpenLink's Single-Tier (Express) Drivers.
    2. Launch your ODBC or iODBC Data Sources Administrator.
    3. Locate your OpenLink DSN.
    4. Click the Configure button.
    5. Scroll through the configuration screens until you find the Advanced button.
    6. Click the Advanced button.
    7. Locate the SSL parameter.
    8. Set the SSL parameter to one of the following options:
      • off ­ - SSL is not request or used. This is the default.
      • request ­- SSL is requested; if the server does not support it then a plain connection is used.
      • require ­ - SSL is requested; if the server does not support it then an exception is thrown.
      • authenticate - ­ Same as require except the server's certificate must be signed by a trusted CA.

    Single-Tier (Lite Edition) ODBC Drivers

    Single-Tier (Lite Edition) ODBC Drivers - Mac & Windows

    1. Log in to the machine that hosts OpenLink's Single-Tier (Lite Drivers).
    2. Launch your ODBC or iODBC Data Sources Administrator.
    3. Locate your OpenLink DSN.
    4. Click the Configure button.
    5. Scroll through the configuration screens until you find the "Use strong encryption of data" checkbox.
    6. Tick the Encryption checkbox to make the driver demand an SSL encrypted connection to the Microsoft SQL Server instance. If the target instance is not configured for or capable of SSL connections, the connection will fail.
    7. Tick the "Verify Server Certificate" to verify the SSL Certificate presented by the database server against a local certificate. You must also specify the location of a Valid SSL Certificate for this verification.

    Single-Tier (Lite Edition) ODBC Drivers - Unix

    1. Login to the machine that hosts OpenLink's Single-Tier client drivers.
    2. Use the Web-based iODBC Data Sources Administrator to access your DSN.
    3. Locate the Connection Options field of your DSN.
    4. Pass the following flags and applicable attributes in the Connection Options field:
      • -E - The driver will demand an SSL encrypted connection to the Microsoft SQL Server instance. If the target instance is not configured for or capable of SSL connections, the connection will fail.
      • -R - Verify the SSL Certificate presented by the database server against the one specified with the -D flag.
      • -D </path/to/file> - Specify the location of a Valid SSL Certificate to be used for the verification triggered by the -R flag

    Multi-Tier Drivers (all data access mechanisms)

    1. Login to the machine that hosts OpenLink's Multi-Tier Generic Client ODBC Driver, JDBC Driver, or ADO.NET Provider.
    2. Use the relevant Data Sources Administrator or Web-Based Admin Assistant to access your ODBC DSN, JDBC URL, or connect string.
    3. Locate the Connection Options field of your connect string.
    4. Pass the following flags and applicable attributes in the Connection Options field:
      • -E - The driver will demand an SSL encrypted connection to the Microsoft SQL Server instance. If the target instance is not configured for or capable of SSL connections, the connection will fail.
      • -R - Verify the SSL Certificate presented by the database server against the one specified with the -D flag.
      • -D </path/to/file> - Specify the location of a Valid SSL Certificate to be used for the verification triggered by the -R flag

    Referenced by...