Unable to setup a Cluster with SSL-enabled SQL Server

Overview

SSL configurations in ScaleArc either during cluster creation or when enabling SSL for an already created cluster does not work and the database servers stay in red state but go green as soon as the Force SSL Encryption option is disabled on the MSSQL side.

 

Environment

  • ScaleArc releases after v3.11.0.2
  • Microsoft SQL Server database (MSSQL)

 

Solution

In order to create a ScaleArc cluster running a release newer than v3.11.0.2 and pointing to an SSL-enabled SQL Server, the 'Force Data Encryption' option must be enabled in ScaleArc for the database servers to be added to the cluster successfully. This option forces all connections to the database server to be fully encrypted.

Follow these steps to enable the 'Force Data Encryption' option at cluster creation time:

  1. Execute the cluster creation steps described in Creating Clusters.
  2. Complete the SSL configuration as described in Configuring Cluster SSL Settings.

  3. Ensure the Force Data Encryption checkbox is selected as shown below: Force_Data_Encryption.png

For already created clusters, you can modify the SSL Settings to 'Force Data Encryption' by following these steps:

  1. On the ScaleArc dashboard, navigate to CLUSTERS > Status column > Cluster Settings button. 
     
  2. Click on the SSL tab in the Cluster Settings dashboard.
  1. Select the Force Data Encryption checkbox located under the ScaleArc as Server section and save the configuration.ScaleArc_as_Server_-_Force_Data_Encryption.png

Testing

You should now be able to successfully add SSL-enabled MSSQL database servers and the status should stay green in ScaleArc after enabling Force Encryption on the MSSQL side.

MSSQL_Force_Encryption.png

The green status icons next to the SSL-enabled MSSQL servers confirms that the database servers were successfully added to the cluster and are ready to receive traffic.

SSL-Enabled_MSSQL_Servers.png

Back to top

Comments

0 comments

Please sign in to leave a comment.