I need to know where I can find information regarding the security used when sending requests from an EF Core App to the Database. I am using an Azure function with .NET (netcoreapp3.1). Here is my connection string although I need to know more about the communication traffic although i have encrypted the data i.e
Server=tcp:,1433;Initial Catalog=;Persist Security Info=False;User ID=;Password=;MultipleActiveResultSets=False;Encrypt=True;TrustServerCertificate=False;Connection Timeout=30;");
Any help would be brilliant, cheers!
Update I need to know if TLS1.2 is being used.
CodePudding user response:
Just seen on Azure DB that you can choose the minimal tls version so this is set 1.2 and it will refuse any connections which is not at 1.2 so this shows that EF Core transmits using tls 1.2 as it doesn't refuse.
CodePudding user response:
The important part of the connection string is encrypt=true
- this forces the client to use a secure, encrypted connection. As you've then found, the database server is in charge of determining which protocols are accepted - within Azure you can configure your database server to accept at least TLS 1.0, 1.1 or 1.2, this is set at the Server level under Firewalls and Virtual Networks.
The documentation states:
Encrypt
When true, SQL Server uses SSL encryption for all data sent between the client and server if the server has a certificate installed. Recognized values are true, false, yes, and no. For more information, see Connection String Syntax.
Beginning in .NET Framework 4.5, when TrustServerCertificate is false and Encrypt is true, the server name (or IP address) in a SQL Server SSL certificate must exactly match the server name (or IP address) specified in the connection string. Otherwise, the connection attempt will fail.