Home » Fips compliance
 

Migrating to SSL Enabled Databases in Endpoint Central 

This guide provides step-by-step instructions for migrating from a non-SSL enabled MSSQL database to an SSL enabled MSSQL database in Endpoint Central. Follow the steps outlined below to ensure a successful migration.

Prerequisites

  1. You should have administrative privileges on the system where Endpoint Central is installed.
  1. Obtain the SSL certificate for your target MSSQL server.

Steps for Migration

  1. Import SSL Certificate to the JRE Keystore
    1. Open a command prompt in administrator mode.
    2. Navigate to the `\bin` directory.
    3. Execute the `AddSSLCert.bat` script with the SSL certificate file path as a parameter.
      1. For example: AddSSLCert.bat D:\temp\yourcert.pem
      2. Replace `D:\temp\yourcert.pem` with the actual path to your SSL certificate file.

  2. Add Connection Properties for MSSQL Server
    1. Create a file named `DBConnection.properties` in the `\conf` directory.
    2. Add the following properties to the `DBConnection.properties` file:
      1.    encrypt=true
      2.    trustServerCertificate=false

  3. Update the ChangeDBServer Window for MSSQL Server
    1. Open the ChangeDBServer window.
    2. Update the hostname to the Fully Qualified Domain Name (FQDN) of the target MSSQL server.
    3. Change the authentication type to MSSQL Server authentication. Note that Windows authentication is not supported for systems using FIPS encryption.

  4. Update the ChangeDBServer Window for MSSQL to MSSQL Server with SSL
    1. Open the ChangeDBServer window.
    2. Set the hostname to the FQDN mentioned in the SSL certificate.
    3. Note: Windows authentication is not supported for systems using FIPS encryption.

By following these steps, you have successfully migrated your MSSQL database to an SSL enabled MSSQL database in Endpoint Central. Ensuring the security of your database connections is essential for maintaining the integrity of your data and protecting sensitive information.