This page describes the credentials you need to enter on the Connection credentials screen to create an Microsoft SQL Server (MSSQL) connection. The credentials change based on the Secure Shell (SSH) tunneling option.
These options enable you to securely connect to MSSQL instances through an SSH tunnel. The tunnel offers an additional layer of security by routing database traffic through a secure SSH channel.
There are two types of authentication methods: No Tunneling and SSH Tunnel Key Authentication.
Connect without an SSH tunnel
If you select No Tunneling as the SSH tunneling option, complete these fields:
| Connection credentials fields | Description |
| SSH Tunneling | Select No Tunneling. |
| Username | The authentication user name. |
| Password | The password required to authenticate. |
| Host | The MSSQL host domain. You can get the host from the administrator of your MSSQL or Azure SQL instance. |
| Port | The MSSQL port number. You can get the port number from the administrator of your MSSQL or Azure SQL instance. A typical port number is 1433. |
| Database | The MSSQL database name. |
| Schemas | The MSSQL database schema. This field is optional. You can enter a single schema name, or leave the field empty. If empty, Data Orchestrator retrieves all schemas. |
| Hostname in Certificate | The host name that is used in the MSSQL certificate. |
| Certificate | The unencrypted Certificate Authority (CA) certificate in Privacy-Enhanced Mail (PEM) format. For more information, see the Certificate section below. |
Connect with an SSH tunnel
If you select SSH Tunnel Key Authentication as the SSH tunneling option, complete these fields:
| Connection credentials fields | Description |
| SSH Tunneling | Select SSH Tunneling Key Authentication if you want to connect with an SSH tunnel. |
| Username | The authentication user name. |
| Password | The password required to authenticate. |
| Host | The MSSQL host domain. You can get the host from the administrator of your MSSQL or Azure SQL instance. |
| Port | The MSSQL port number. You can get the port number from the administrator of your MSSQL or Azure SQL instance. A typical port number is 1433. |
| Database | The MSSQL database name. |
| Schemas | The MSSQL database schema. This field is optional. You can enter a single schema name, or leave the field empty. If empty, Data Orchestrator retrieves all schemas. |
| SSH Login Username | The username used to authenticate the SSH tunnel login. |
| SSH Private Key | The private key in unencrypted PEM format used for SSH authentication. Use the following command to decode the SSH private key: Make sure the decoded certificate includes the entire content, exactly as generated. This includes the lines and carriage returns between them. Don't modify, trim, or remove any lines or white space within the block. Here's an example of an Unencrypted CA certificate in PEM format:
|
| SSH Tunnel Jump Server Host | The hostname or IP address of the SSH Jump Server that acts as the tunnel. |
| SSH Connection Port | The SSH port number. |
| Hostname in Certificate | The host name that is used in the MSSQL certificate. |
| Certificate | The unencrypted Certificate Authority (CA) certificate in Privacy-Enhanced Mail (PEM) format. For more information, see the Certificate section below. |
Certificate
The MSSQL connector supports TLS/SSL encryption. TLS/SSL encryption enables you to establish a secure, encrypted connection to MSSQL instances. It protects data in transit from being intercepted or read by unauthorized parties. The connection is secured using a digital certificate installed on the MSSQL server. You need a valid client to ensure a connection to the correct host. This offers another layer of data protection.
For the connector to use the certificate, you must first decode the Base64-encoded CA certificate in the PEM format. Use this command to decode the certificate:
echo <certificate> | base64 --decode
Make sure the decoded certificate includes the entire content, exactly as generated. This includes the lines and carriage returns between them. Don't modify, trim, or remove any lines or white space within the block.
Here's an example of an unencrypted CA certificate in PEM format:
-----BEGIN CERTIFICATE-----
MIIDBzCCAe+....................
.......multiple line...........
-----END CERTIFICATE-----
Note: If you need to edit the connection, you must enter the CA certificate again.
