Protocol encryption
When using a Datastore based on Microsoft SQL Server 2005 or higher, you can optionally use protocol encryption to secure communication between the Datastore and the components that connect to it (Consoles and Dispatchers, and as of version 2020.0, the Management Portal).
Prerequisites
- Microsoft OLE DB Driver for SQL Server (MSOLEDBSQL) on the machines running the Consoles and Dispatchers.
- Prior to version 2020.0, Automation used the Microsoft SQL Native Client, which has been deprecated by Microsoft. With version 2020.0 and newer, having only the Microsoft SQL Native Client on the machines running the Consoles and Dispatchers will keep the feature functional, but not configurable.
Configuration
- When creating a new Datastore, select Force Protocol Encryption in the Datastore Wizard.
- When connecting to an existing Datastore or changing the protocol encryption settings of the current Datastore, select Force Protocol Encryption at Setup > Database.
- If you enable protocol encryption for an existing Datastore:
- Protocol encryption needs to be enabled for any individual Console that connects to the Datastore.
- Any available Dispatchers must be repaired before the setting takes effect. This forces the Dispatchers to reload the connection parameters to the Datastore.
- At Topology > Console and Dispatcher, the property Database Encryption will be set to Yes.
- The SSL parameters that the Microsoft SQL Server database uses to encrypt communication to Dispatchers and Consoles depend on the Security Certificate used by this database.