Security limitations for SQL Server on Linux

Applies to: SQL Server - Linux

SQL Server on Linux currently has the following limitations:

• A standard password policy is provided. MUST_CHANGE is the only option you may configure. The CHECK_POLICY option isn't supported.
• Extensible Key Management isn't supported.
• SQL Server authentication mode can't be disabled.
• Password expiration is hard-coded to 90 days if you use SQL Server authentication.
• Using keys stored in the Azure Key Vault isn't supported.
• SQL Server generates its own self-signed certificate for encrypting connections. SQL Server can be configured to use a user provided certificate for TLS.

Note

If you don't plan to connect your SQL Server containers to Windows Active Directory, the password expiration is hard-coded to 90 days, if you use SQL Server authentication only. To work around this issue, consider changing the CHECK_EXPIRATION policy.

For more information about security features available in SQL Server, see the Security Center for SQL Server Database Engine and Azure SQL Database.

Related content

• Get started with security features of SQL Server on Linux
• Configure SQL Server on Linux with mssql-conf
• Editions and supported features of SQL Server 2022 (16.x) on Linux