microsoft / mssql-docker

Official Microsoft repository for SQL Server in Docker resources
MIT License
1.73k stars 757 forks source link

Configuration for Encrypted Connections #37

Open montge opened 7 years ago

montge commented 7 years ago

Request that linux and windows based images be updated to allow encryption of the connection. Ideally this would allow us to provide PEM files (or whatever format required) as a input which then would get loaded. This would help address the challenge of ensuring developers know how to make sure their application can utilize encryption which is a common challenge in many organizations.

Koubek commented 7 years ago

This is not possible? I am just asking because we use it from MS Dynamics NAV containers in case of using SQL connection. We use proprietary one NAV PowerShell function that uploads a key and configures everything needed on both sides. So I suppose this could be pretty possible, isn`t it?

tmullaney commented 7 years ago

We're working on enabling customers to configure TLS settings for SQL Server on Linux using mssql-conf. This includes specifying which certificate to use (e.g. a PEM file), which protocols (e.g. TLS 1.2), and whether all connections should be forced to use encryption. With luck, this should be available next month.

In the meantime, if a client specifies "Encrypt=True" (or whatever the appropriate keyword is for the driver being used) in the connection string, SQL Server will encrypt the connection using a self-signed certificate.

neilhwatson commented 5 years ago

Still open nearly 2 years later.

twright-msft commented 5 years ago

TLS settings can be set via mssql-conf on start up or via the mssql.conf file. I'm checking to see if we also can handle these settings via environment variables...

mssql-conf: https://docs.microsoft.com/en-us/sql/linux/sql-server-linux-configure-mssql-conf?view=sql-server-2017#tls

aaronjedwards commented 4 years ago

@twright-msft @tmullaney is there any news on this? is it possible now to specify a custom certificate through mssql-conf? and if so is there any example of how to do this?

callalilyz commented 4 years ago

any update on this issue ?

pimeys commented 4 years ago

Is there a way to get this docker image working with TLS on Catalina? I've heard problems with Azure SQL too, where the certificate is not accepted by Apple...

vitalyisaev2 commented 2 months ago

7 years since this issue was opened. Please provide a clear manual of configuring TLS connections with the custom certificates.