How Can I Enforce Encrypted Connections Between HVR and SQL Server?

Question

I want to enforce encrypted database connections for both the HVR Hub Server repository and SQL Server source or target locations. However, all connections to the MSSQL server remain unencrypted. How can I ensure HVR establishes encrypted connections to SQL Server databases?

Environment

HVR 6

Answer

To enforce encrypted connections between HVR and SQL Server, set the following environment variables wherever the connection is being initiated:

• HVR_MSSQL_ENCRYPT=ALWAYS
• HVR_ODBC_CONNECT_STRING_ADD=TrustServerCertificate=Yes

These variables instruct HVR to require encryption and trust the SQL Server certificate.

For SQL Server source or target locations

1. Define the environment variables at the channel level for each SQL Server location.
2. Run Activate Replication with the Jobs option selected.

For the HVR Hub repository (SQL Server)

1. Set the same environment variables at the Hub Server level.
2. Run the following command on the Hub Server command line:

   export HVR_MSSQL_ENCRYPT=ALWAYS
   export HVR_ODBC_CONNECT_STRING_ADD=TrustServerCertificate=Yes
   

3. Restart the Hub Server to apply the changes.

If the Hub Server runs as a systemd service

1. Add the environment variables to the Hub Server's systemd service file.
2. Reload the systemd configuration and restart the service using the following commands:

   systemctl daemon-reload
   systemctl restart hubserver
   

To learn more, see Configuring Restarting of Hub Server after System Reboot.