Does MSSQL Server support mutual TLS

Gong, Allen 35 Reputation points

We know that we can access MSSQL Server with encrypted connection, my question is does this encrypted connection support mutual TLS? I mean can we provide client certificate to establish the TLS connection to MSSQL Server? If mutual TLS is supported, how can I do it in JDBC and ODBC driver?

SQL Server
SQL Server
A family of Microsoft relational database management and analysis systems for e-commerce, line-of-business, and data warehousing solutions.
12,927 questions
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. Gong, Allen 35 Reputation points

    Hi @LucyChenMSFT-4874 ,

    Thanks for your information, actually I have read the article you mentioned in your comment, but I think it just says TLS can be mutual and client can send its certificate to server, it does not say MSSQL Server support mutual TLS. I also read other document about MSSQL Server and got the information that Client Certificate is only supported by MSSQL Server on Linux, further more, it requires the client and MSSQL Server should on the same Linux Server.

    Your article is about how to enable TLS with MSSQL Server, but my question is that if we can provide client certificate to MSSQL Server when we establish the TLS connection to it.

    2 people found this answer helpful.

  2. LucyChenMSFT-4874 1,660 Reputation points

    Hi @Gong, Allen,

    Thanks for your information.The MSSQL Server supports mutual TLS.

    From this article, we can get the information:

    Typically, the authentication is one-way, where the source verifies the identity of the target, but mutual TLS authentication is also possible.

    • We can connect to SQL Server database using TLS 1.2 through ODBC option. Please enable the TLS 1.2, then create a connection to SQL Server. You can check out the steps in this article, although the issue is not exactly the same as yours, you can use it as a reference.
    • How to connect to SQL from JDBC, please check out this article.

    Feel free to share your issue here.

    Best regards,

    Lucy Chen

    If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

    Note: Please follow the steps in our Documentation to enable e-mail notifications if you want to receive the related email notification for this thread.