• Adam Thurgar

Availability Groups and SSL

SQL Server has supported SSL for a number of years and you can enable SSL encryption for your Availability Group listeners to encrypt your data in transit.

When connecting to an availability group listener, if the participating instances of SQL Server use SSL certificates in conjunction with session encryption, the connecting client driver will need to support the Subject Alternate Name in the SSL certificate in order to force encryption.

Example: In this case there are 3 listeners in the SAN of the SSL certificate

CN = vintdbs003.stage.xyz.com.au

SAN = vintdbs003.stage.xyz.com.au,virlidbs001.stage.xyz.com.au, virlidbs003.stage.xyz.com.au, virlidbs005.stage.xyz.com.au

9 views0 comments

Recent Posts

See All

Cardinality estimator

Recently I was asked by a software vendor to review a particular query that ran in under a second on a SQL Server 2014 installation at a compatibility level of 110 (SQL Server 2012), but when run unde

Index fragmentation

A law firm client, occasionally has issues with their legal software, that is provided by the global leader in this field. The response from the software provider is always the same - you have index f

Deleting large amounts of data

I had a client call me about wanting to delete a large amount of data from their database. They knew what tables they wanted to delete from. They also knew that deleting large amounts of data causes t