Overview
To utilize a DirectSQL connection, you will need to follow the instructions in the link below to configure the local SQL Server to use an encrypted connection. Note that a .pfx-formatted SSL certificate is required. When using a SSL certificate, please be sure to utilize a certificate obtained from a valid Certificate Authority (CA).
The steps below should be performed by local IT. Support can assist with the application of the certificate, but we cannot acquire the certificate, nor make the relevant DNS entries on our client’s behalf.
1.) Configure SQL Server encryption
2.) Next, ensure
Requirements
To configure a DirectSQL Connection, you will need:
Microsoft SQL Server installed on a on-premise workstation or server
A SSL Certificate in a .PFX format
Internet Access for the SQL Server to allow the machine to connect to the Square 9 Cloud
An External IP Address
A Fully Qualified Domain Name with a DNS Entry that points to your SQL Server
Configuring the Connection
Configure TCP/IP on the SQL Server.
Ensure that the SQL Server port (usually 1433) is accessible over the internet, and that a DNS record points to the on-premises SQL Server.
This should be opened on your firewall on an external IP Address, see the whitelist URLs below.
Configure a SQL Server User with a strong password and appropriate permissions levels to accommodate the scope of query or queries being made.
Next, ensure that the SQL Server port (usually 1433) is accessible over the internet, and that a DNS record points to the on-premises SQL Server.
Code Block |
---|
Server=<sqlserverfqdn>;Database=<dbname>;UID=<user>;PWD=<password>; |
Testing the Connection
If you have successfully configured the connection, you should be able to connect to your server via SQL Server Management Studio.
Optional
...
Whitelists
You can restrict access to the SQL server by whitelisting the following domains:
<subdomain>.mysquare9.com
capture-<subdomain>.mysquare9.com
Certificate Expiration
All SSL Certificates have a set expiration date. The certificate will need to be renewed prior to expiration to maintain an uninterrupted connection.