none
Test data in transit encryption

    Question

  • I put SSL certs on three nodes of a AlwaysOn AG cluster.  The encryption is associated with a named instances on non-default port (in case that matters).  I set Force Encryption setting.  Let's assume that i configured the SSL certs properly for the instances I described.  How can I test/verify that traffic is encrypted to/from any given client or client app?  Is there a utility to do that?    Thanks.  
    Tuesday, May 15, 2018 11:30 PM

All replies

  • Hi District,

    To quickly check SSLS is configured on your SQL Server you can run the following query.

    SELECT session_id, encrypt_option
    FROM sys.dm_exec_connections

    This query dumps the information about the connections to your SQL Server and any of them using a secured connection will have a 'True' value in the encrypt_option column.

    In my environment, I haven't configured the SSL in SQL Always on. So, the value if False.

    To configure SSL in SQL Always on, you can refer to: SQL 2014 AlwaysOn AG Pt. 13: SSL

    Regards,

    Pirlo Zhang


    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.

    Wednesday, May 16, 2018 6:06 AM