Transport Layer Security (TLS) support for SQL Server database (Optional)

TLS is a cryptographic protocol designed to provide secure communication over a network. When enabled for databases, TLS ensures that data exchanged between clients and database servers is encrypted in transit, protecting against eavesdropping, man-in-the-middle attacks, and data tampering.

Caution: Customers are solely responsible for enabling database transport encryption between the application and the database. The application supports encrypted database transport through TLS; however, its default configuration does not enable TLS or any other form of encryption for database transport. As a result, communication between the application and the database is not encrypted by default: data is transmitted in plaintext and is susceptible to attacks such as interception, modification, and man-in-the-middle, which can violate the confidentiality and integrity of the data.

For more information, refer to the following links in the SQL Server troubleshooting documentation on Microsoft Learn:

To enable TLS, update configurations, and validate connections, coordinate with DBAs, network/security, and application teams.

Important! To enable database transport encryption, the customer must enforce TLS version 1.2 (at the minimum) on the database. The communication is encrypted only if TLS is enforced at the database level.