How to Configure a Secure Connection to Microsoft SQL Server 1993-2015 Informatica Corporation. No part of this document may be reproduced or transmitted in any form, by any means (electronic, photocopying, recording or otherwise) without prior consent of Informatica Corporation. All other company and product names may be trade names or trademarks of their respective owners and/or copyrighted materials of such owners.
Abstract You can connect to a secure Microsoft SQL Server database from the PowerCenter Workflow Manager. This article describes how you can connect securely through a native connection to a secure Microsoft SQL Server database on Windows. Supported Versions PowerCenter 9.6.x Table of Contents Overview.... 2 Step 1. Configure the Microsoft Management Console to Import the Microsoft SQL Server Trusted Certificates.... 2 Step 2. Configure a Secure Connection to Microsoft SQL Server from the PowerCenter Workflow Manager.. 7 Overview You can secure the connection to the Microsoft SQL Server database from the machine where the PowerCenter Integration Service runs. In the Workflow Manager, you can configure the secure connection to Microsoft SQL Server when you run a mapping with Microsoft SQL Server sources or targets. To configure a native and secure connection to Microsoft SQL Server, perform the following tasks: 1. Configure the Microsoft Management console to import the Microsoft SQL Server trusted certificates on the Windows machine where the PowerCenter Integration Service runs. 2. Create the Microsoft SQL Server connection from the Workflow Manager. Step 1. Configure the Microsoft Management Console to Import the Microsoft SQL Server Trusted Certificates You can configure the Microsoft Management Console (MMC) to set up the certificate as a trusted certificate on the machine where the PowerCenter Integration Service runs. Certificates signed by the trusted certificate providers, such as Certificate Authority (CA), provides an added layer of security. If you have not used MMC earlier to import certificates, you need to add the certificate snap-in within MMC before you can import trusted certificates. 1. Ask your database administrator to provide you with the Microsoft SQL Server SSL certificate for the server. For example, your database administrator can provide you with the certificate file mysqlserver.cer. 2. Copy the server SSL certificate on the machine where the PowerCenter Integration Service runs. 3. On the Start Menu, click Run, type MMC, and then click OK. If the MMC contains a Certificates snap-in, then go to step 10 to import trusted certificates. If the MMC appears with an empty console or an administrative tool, then you need to add the certificate snap-in. The empty console has no management functionality until you add some snap-ins. 4. On the Console menu, select File > Add/Remove Snap-in. The Add/Remove Snap-in dialog box appears. You can enable extensions and configure which snap-ins are in the console file. 2
5. In the Add or Remove Snap-ins dialog box, select Certificates under the list of available snap-ins, and click Add. The Certificates snap-in dialog box appears. 6. In the Certificates snap-in dialog box, select the Computer account option, and click Next. 3
7. In the Select Computer dialog box, select Local computer (the computer this console is running on), and then click Finish. 4
You return to the Add or Remove Snap-ins dialog box. In the Add or Remove Snap-ins dialog box, you can see Certificates within the selected snap-ins on the right panel. 8. Click OK. 9. Expand the certificates in the newly added Certificates snap-in. 10. Go to Trusted Root Certification Authorities > Certificates. The installed certificates appear on the right panel. 11. Select Certificates in the left pane. 5
12. Right-click Certificates and select All Tasks > Import. The Certificate Import Wizard appears. 13. Click Next. 14. Browse to the certificate on the machine and click Next. 6
15. Select the Place all certificates in the following store option. 16. In the Select Certificate Store dialog box, select Show physical stores. 17. Go to Trusted Root Certification Authorities > Local Computer. 18. Click OK. 19. Click Next. 20. Click Finish. In the Certificate Import Wizard dialog box, a message appears that the import was successful. You can then configure the Microsoft SQL Server connection from the PowerCenter Workflow Manager. Step 2. Configure a Secure Connection to Microsoft SQL Server from the PowerCenter Workflow Manager You can secure the connection to Microsoft SQL Server from the Workflow Manager. Match the server name in the server name property of the Workflow Manager to the server name in the imported trusted certificate on the machine where the PowerCenter Integration Service runs. 1. Log in to the Workflow Manager. 2. Click Connections > Relational. 7
The Relational Connection Browser dialog box appears. 3. Click New. The Select Subtype dialog box appears. 4. To create a connection to a Microsoft SQL Server database, select Microsoft SQL Server from the Select Subtype list. 5. Click OK. The Connection Object Definition dialog box appears. 6. Enter the connection properties, such as user name, password, and database name. 7. Add the Server Name property as follows: <ServerName>, Encrypt=Yes 8
An request is sent to Microsoft SQL Server for an encrypted trusted connection. Ensure that the server name in the Server Name property is the same as the server name used in the imported trusted certificate. For example, if the name of the server is mysqlserver, set the Server Name property as follows: mysqlserver, Encrypt=Yes 8. Click OK. The database connection appears in the Relational Connection Browser list. Select the Microsoft SQL Server connection to run the mapping with a secure connection from the Workflow Manager. Authors Anju Andrews Lead QA Engineer Sujitha Alexander Technical Writer 9