You are viewing limited content. For full access, please sign in.

Question

Question

How to enable Workflow server SSL-TLS to the SQL server?

Workflow
Updated February 19
asked on July 28, 2022

In the SSL-TLS White paper, there is a procedure to encrypt DATA between the Workflow server and databases, but that procedure is only for external Databases that the Workflow server connect to when Workflows are running.

It does not provide a procedure to enable SSL-TLS connection for the underlying Workflow Engine SQL Database... and this is this procedure that I would like to get.

Where do we set this and what are the steps?

I'm configuring right now the latest V11

0 0

Replies

replied on August 1, 2022

Hi Daniel,

It is best to configure and enable the Force Encryption option within SQL Server itself. Enabling Force Encryption causes all client connections to the SQL Server instance to use encryption without any special configuration required for each client. 

You can find Microsoft's documentation on enabling that option here:

https://docs.microsoft.com/en-us/sql/database-engine/configure-windows/enable-encrypted-connections-to-the-database-engine?view=sql-server-ver16

0 0
View 2 previous replies
replied on July 21, 2023

Is this the only option?

0 0
replied on July 21, 2023

Strictly technically speaking, no. However, it is unquestionably the option you should use. The other methods involve making a bunch of tricky client-side changes to individual SQL drivers and connection strings. 

Implement it server-side as described above. You'd have to have an incredibly compelling niche edge case to even consider the alternatives.

replied on July 21, 2023

It is the only one that Laserfiche supports (and also the one Microsoft recommends). Other methods technically exist but they are far more complicated and error-prone than enabling the Force Encryption option within SQL Server.

0 0
replied on July 21, 2023

All of our other Laserfiche services are currently creating secure connections to the repository database and the directory server license database, only workflow remains.  Is there a connection string / registry setting that can be used to ensure that the workflow server creates an encrypted connection to the SQL Server database?  I understand that the Force Encryption option is the recommended option, however at this point in time, we are unable to use this option and we are looking at alternate solution for the Workflow service.

 

0 0
replied on July 21, 2023

Can you elaborate on the specific reasons for this?

I understand that the Force Encryption option is the recommended option, however at this point in time, we are unable to use this option

In order to have the client-side configurations working with other Laserfiche applications, you must already have most/all of the prerequisites for Force Encryption in place on the SQL Server instance.

0 0
replied on February 19

A little late for this thread maybe, but the connection string parameters, Encrypt=True; TrustServerCertificate=False; might be what you need.

0 0
You are not allowed to follow up in this post.

Sign in to reply to this post.

Details
Related Posts
Loading ...