CODEWITHSUNDEEP
sql-serverjdbcgoogle-apps-scriptazure-sql-database
Mara
Mara

Reputation: 371

How to securely connect Google Apps Script to Azure SQL Server Database?

I'm reluctant to connect to use getConnection from within GAS to connect to Azure SQL Database, as I'm not sure the connection would be encrypted. Since it's sensible data I want to pull from GAS, I'd like to have it go through encrypted connection but I don't know how to achieve it? Are at least credentials encrypted when authenticating? What damage can a man in the middle do?

Would I have ore secure options if I would host the Database on non-Azure SQL Server? getConnection provides _serverSslCertificate, _clientSslCertificate and _clientSslKey, but I don't think they can be used on Azure SQL Server, right?

https://developers.google.com/apps-script/reference/jdbc/jdbc#getConnection(String)

Upvotes: 0

Views: 554

Answers (1)

David Browne - Microsoft
David Browne - Microsoft

Reputation: 89386

Connections to Azure SQL Database are always encrypted.

And you can test trustServerCertificate is off by connecting with the IP address instead of the FQDN. With trustServerCertificate=false, the connection will fail unless you connect with the FQDN. The error should look something like:

A connection was successfully established with the server, but then an error occurred during the login process. (provider: SSL Provider, error: 0 - The target principal name is incorrect.)

"All connections to Azure SQL Database require encryption (SSL/TLS) at all times while data is "in transit" to and from the database"

from: Securing your SQL Database

Upvotes: 1

Related Questions