Security limitations for SQL Server on Linux
Applies to: SQL Server - Linux
SQL Server on Linux currently has the following limitations:
- A standard password policy is provided.
MUST_CHANGEis the only option you may configure. The
CHECK_POLICYoption isn't supported.
- Extensible Key Management isn't supported.
- SQL Server authentication mode can't be disabled.
- Password expiration is hard-coded to 90 days if you use SQL Server authentication.
- Using keys stored in the Azure Key Vault isn't supported.
- SQL Server generates its own self-signed certificate for encrypting connections. SQL Server can be configured to use a user provided certificate for TLS.
If you don't plan to connect your SQL Server containers to Windows Active Directory, the password expiration is hard-coded to 90 days, if you use SQL Server authentication only. To work around this issue, consider changing the CHECK_EXPIRATION policy.
For more information about security features available in SQL Server, see the Security Center for SQL Server Database Engine and Azure SQL Database.