Forum Discussion
SSL configuration for SQL AG setup having 4 replicas and two listners
Good Morning Team, Can you please guide me for SSL seup with SQL AG listener. We have a platform having 4 AG replicas and one listner having 3 DBs part of AG group. There is a request to have ano...
SivertSolem Thank you.
Does it means, With new certificate imported to SQL, No force encryption, New client can connect with encryption in connection string and old client can connect without encryption like normal without any change in connection string ?
Yes, though I'd recommend you test it yourself.
As described in the scenario 2 in this article, where you have not checked the "force encryption" option, only the clients which require encryption needs to be configured for it.
No action is performed on the clients that does not need to use a secure channel.
https://learn.microsoft.com/en-us/sql/database-engine/configure-windows/special-cases-for-encrypting-connections-sql-server?view=sql-server-ver16#use-a-certificate-issued-by-an-internal-ca-or-created-by-using-new-selfsignedcertificate-or-makecert
As described in the scenario 2 in this article, where you have not checked the "force encryption" option, only the clients which require encryption needs to be configured for it.
No action is performed on the clients that does not need to use a secure channel.
https://learn.microsoft.com/en-us/sql/database-engine/configure-windows/special-cases-for-encrypting-connections-sql-server?view=sql-server-ver16#use-a-certificate-issued-by-an-internal-ca-or-created-by-using-new-selfsignedcertificate-or-makecert
- Thank you
I will test and will update you.