Secure TLS connection between controller and Connector

General information on TLS connections

Since version V5.1.0.0 of SQL4automation, secure, encrypted TLS connections between controllers and the SQL4automation Connector are supported. Certificates are used for this purpose. The certificates must have the ending crt. They are used by a private key with the ending key. The private key can also be protected by a password (passphrase). The controller also uses the certificate to authenticate itself to the connector.

The certificates can be found in Windows under C:\ProgramData\SQL4automation\certs bei Linux unter /var/log/SQL4automation/certs.

All CA certificates are located in the CA subfolder in the known_hosts file. The certificates for the connector are located in the S4AConnector subfolder and the certificates for the QueryTool are located in the S4AQueryTool subfolder.

Setting up a TLS connection

To set up a TLS connection, the corresponding certificates must be selected in the connector and in the controller. It is important that the certificates have been issued with the same CA certificate and that the correct IP address or host name has been selected as the common name (CN). For example, if a connection is established via localhost, the CN must be localhost, 127.0.0.1, or the host name of the PC. The sample certificates enable an encrypted connection between QueryTool and Connector.

Settings in the Connector

Settings in the QueryTool