Certificate Verification at Fivetranlink
Transport Layer Security (TLS, also referred to as Secure Socket Layer, HTTPS, or SSL) is one of the encryption methods that Fivetran uses to secure data in motion. TLS allows for both encryption and authentication of the connections that Fivetran makes to your data sources and to your destinations.
Fivetran connections made over TLS are always encrypted, and support automatic verification for connectors that use hostname verification (such as web-based applications), and for proprietary systems with built-in certificate authority management such as Snowflake, BigQuery, and Redshift.
For other connectors, such as customer operated databases, we support verifying a certificate using root certificate authority verification.
Verifying a certificatelink
Connectors require a user to explicitly select the certificate to use as the trust anchor. Customers who use self-signed certificates for their databases can do the verification based on the fingerprint of the certificate, and customers who use a certificate authority model can select the authority which Fivetran should validate against.
Auditing trusted certificateslink
The account page in your Fivetran dashboard includes a section where your security team can audit all the trust selections that have been made within your Fivetran configuration. You have the option to revoke the trust of a certificate at any time. Once a certificate’s trust has been revoked, you will need to re-run the setup tests for any affected connectors to select the new certificate and resume data replication.