diff --git a/plugins/org.jkiss.dbeaver.ext.mssql.ui/plugin.xml b/plugins/org.jkiss.dbeaver.ext.mssql.ui/plugin.xml
index 788a33403e1525b9b30d3669e00eb24028176ecb..d44d0449a396b43b1df138218a98263445b2ebc9 100644
--- a/plugins/org.jkiss.dbeaver.ext.mssql.ui/plugin.xml
+++ b/plugins/org.jkiss.dbeaver.ext.mssql.ui/plugin.xml
@@ -142,5 +142,8 @@
+
+
+
diff --git a/plugins/org.jkiss.dbeaver.ext.mssql.ui/src/org/jkiss/dbeaver/ext/mssql/ui/views/SQLServerSSLConfigurator.java b/plugins/org.jkiss.dbeaver.ext.mssql.ui/src/org/jkiss/dbeaver/ext/mssql/ui/views/SQLServerSSLConfigurator.java
new file mode 100644
index 0000000000000000000000000000000000000000..50ecf4af6ca07685bfb612a1c20c86fa2e3151ea
--- /dev/null
+++ b/plugins/org.jkiss.dbeaver.ext.mssql.ui/src/org/jkiss/dbeaver/ext/mssql/ui/views/SQLServerSSLConfigurator.java
@@ -0,0 +1,68 @@
+/*
+ * DBeaver - Universal Database Manager
+ * Copyright (C) 2010-2020 DBeaver Corp and others
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.jkiss.dbeaver.ext.mssql.ui.views;
+
+import org.eclipse.swt.SWT;
+import org.eclipse.swt.layout.GridData;
+import org.eclipse.swt.layout.GridLayout;
+import org.eclipse.swt.widgets.Composite;
+import org.eclipse.swt.widgets.Group;
+import org.eclipse.swt.widgets.Text;
+import org.jkiss.dbeaver.ext.mssql.SQLServerConstants;
+import org.jkiss.dbeaver.model.net.DBWHandlerConfiguration;
+import org.jkiss.dbeaver.ui.UIUtils;
+import org.jkiss.dbeaver.ui.dialogs.net.SSLConfiguratorTrustStoreUI;
+import org.jkiss.utils.CommonUtils;
+
+public class SQLServerSSLConfigurator extends SSLConfiguratorTrustStoreUI {
+ private Text keystoreHostname;
+
+ @Override
+ public void createControl(Composite parent, Runnable propertyChangeListener) {
+ final Composite composite = new Composite(parent, SWT.NONE);
+ composite.setLayout(new GridLayout(1, false));
+ GridData gd = new GridData(GridData.FILL_BOTH);
+ gd.minimumHeight = 200;
+ composite.setLayoutData(gd);
+
+ createSSLConfigHint(composite, true, 1);
+ createTrustStoreConfigGroup(composite);
+
+ {
+ Group settingsGroup = UIUtils.createControlGroup(composite, "Settings", 2, GridData.FILL_HORIZONTAL, -1);
+
+ UIUtils.createControlLabel(settingsGroup, "Certificate hostname");
+ gd = new GridData(GridData.FILL_HORIZONTAL);
+ gd.minimumWidth = 130;
+ keystoreHostname = new Text(settingsGroup, SWT.BORDER);
+ keystoreHostname.setLayoutData(new GridData(GridData.FILL_HORIZONTAL));
+ keystoreHostname.setToolTipText("The host name to be used in validating the SQL Server TLS/SSL certificate.");
+ }
+ }
+
+ @Override
+ public void loadSettings(DBWHandlerConfiguration configuration) {
+ super.loadSettings(configuration);
+ keystoreHostname.setText(CommonUtils.notEmpty(configuration.getStringProperty(SQLServerConstants.PROP_SSL_KEYSTORE_HOSTNAME)));
+ }
+
+ @Override
+ public void saveSettings(DBWHandlerConfiguration configuration) {
+ super.saveSettings(configuration);
+ configuration.setProperty(SQLServerConstants.PROP_SSL_KEYSTORE_HOSTNAME, keystoreHostname.getText().trim());
+ }
+}
diff --git a/plugins/org.jkiss.dbeaver.ext.mssql/plugin.xml b/plugins/org.jkiss.dbeaver.ext.mssql/plugin.xml
index 4e2c8a5305b46a9f97783678be653b5c48df0fc2..e0647db58d38a0421cc6e9b1bbeac5c1ed79e524 100644
--- a/plugins/org.jkiss.dbeaver.ext.mssql/plugin.xml
+++ b/plugins/org.jkiss.dbeaver.ext.mssql/plugin.xml
@@ -496,4 +496,18 @@
+
+
+
+
+
+
diff --git a/plugins/org.jkiss.dbeaver.ext.mssql/src/org/jkiss/dbeaver/ext/mssql/SQLServerConstants.java b/plugins/org.jkiss.dbeaver.ext.mssql/src/org/jkiss/dbeaver/ext/mssql/SQLServerConstants.java
index 6eeb962b27269c1227ca775f0042ee56326e987c..80a2037d562ab350d6d342167ccbdd46fa44d478 100644
--- a/plugins/org.jkiss.dbeaver.ext.mssql/src/org/jkiss/dbeaver/ext/mssql/SQLServerConstants.java
+++ b/plugins/org.jkiss.dbeaver.ext.mssql/src/org/jkiss/dbeaver/ext/mssql/SQLServerConstants.java
@@ -33,6 +33,10 @@ public class SQLServerConstants {
public static final String DRIVER_JTDS = "mssql_jdbc_jtds";
public static final String DRIVER_MS = "mssql_jdbc_ms";
+ public static final String HANDLER_SSL = "mssql_ssl";
+
+ public static final String PROP_SSL_KEYSTORE_HOSTNAME = "sslKeyStoreHostname";
+
public static final boolean USE_GSS = false;
public static final String DEFAULT_SCHEMA_NAME = "dbo";
diff --git a/plugins/org.jkiss.dbeaver.ext.mssql/src/org/jkiss/dbeaver/ext/mssql/model/SQLServerDataSource.java b/plugins/org.jkiss.dbeaver.ext.mssql/src/org/jkiss/dbeaver/ext/mssql/model/SQLServerDataSource.java
index 4d7c50706414bea2085da9664b7cb3fa48448fa6..1ab16f69cec9b9f6ae31cf8bfe763f4748b1dd8b 100644
--- a/plugins/org.jkiss.dbeaver.ext.mssql/src/org/jkiss/dbeaver/ext/mssql/model/SQLServerDataSource.java
+++ b/plugins/org.jkiss.dbeaver.ext.mssql/src/org/jkiss/dbeaver/ext/mssql/model/SQLServerDataSource.java
@@ -26,6 +26,7 @@ import org.jkiss.dbeaver.ext.mssql.SQLServerUtils;
import org.jkiss.dbeaver.ext.mssql.model.session.SQLServerSessionManager;
import org.jkiss.dbeaver.model.*;
import org.jkiss.dbeaver.model.admin.sessions.DBAServerSessionManager;
+import org.jkiss.dbeaver.model.app.DBACertificateStorage;
import org.jkiss.dbeaver.model.connection.DBPConnectionConfiguration;
import org.jkiss.dbeaver.model.exec.DBCException;
import org.jkiss.dbeaver.model.exec.DBCExecutionContext;
@@ -37,7 +38,9 @@ import org.jkiss.dbeaver.model.impl.jdbc.JDBCExecutionContext;
import org.jkiss.dbeaver.model.impl.jdbc.JDBCRemoteInstance;
import org.jkiss.dbeaver.model.impl.jdbc.JDBCUtils;
import org.jkiss.dbeaver.model.impl.jdbc.cache.JDBCObjectCache;
+import org.jkiss.dbeaver.model.impl.net.SSLHandlerTrustStoreImpl;
import org.jkiss.dbeaver.model.meta.Association;
+import org.jkiss.dbeaver.model.net.DBWHandlerConfiguration;
import org.jkiss.dbeaver.model.runtime.DBRProgressMonitor;
import org.jkiss.dbeaver.model.struct.*;
import org.jkiss.dbeaver.utils.GeneralUtils;
@@ -129,6 +132,26 @@ public class SQLServerDataSource extends JDBCDataSource implements DBSInstanceCo
authSchema.getInitializer().initializeAuthentication(connectionInfo, properties);
+ final DBWHandlerConfiguration sslConfig = getContainer().getActualConnectionConfiguration().getHandler(SQLServerConstants.HANDLER_SSL);
+ if (sslConfig != null && sslConfig.isEnabled()) {
+ try {
+ SSLHandlerTrustStoreImpl.initializeTrustStore(monitor, this, sslConfig);
+ DBACertificateStorage certificateStorage = getContainer().getPlatform().getCertificateStorage();
+ String keyStorePath = certificateStorage.getKeyStorePath(getContainer(), "ssl").getAbsolutePath();
+
+ properties.setProperty("encrypt", "true");
+ properties.setProperty("trustStore", keyStorePath);
+ properties.setProperty("trustStoreType", "JKS");
+
+ final String keystoreHostnameProp = sslConfig.getStringProperty(SQLServerConstants.PROP_SSL_KEYSTORE_HOSTNAME);
+ if (!CommonUtils.isEmpty(keystoreHostnameProp)) {
+ properties.put("hostNameInCertificate", keystoreHostnameProp);
+ }
+ } catch (Exception e) {
+ throw new DBCException("Error initializing SSL trust store", e);
+ }
+ }
+
return properties;
}
diff --git a/plugins/org.jkiss.dbeaver.ext.mssql/src/org/jkiss/dbeaver/ext/mssql/model/SQLServerSSLHandlerImpl.java b/plugins/org.jkiss.dbeaver.ext.mssql/src/org/jkiss/dbeaver/ext/mssql/model/SQLServerSSLHandlerImpl.java
new file mode 100644
index 0000000000000000000000000000000000000000..93b6eed5e4817f402c684b732eff537feda07942
--- /dev/null
+++ b/plugins/org.jkiss.dbeaver.ext.mssql/src/org/jkiss/dbeaver/ext/mssql/model/SQLServerSSLHandlerImpl.java
@@ -0,0 +1,22 @@
+/*
+ * DBeaver - Universal Database Manager
+ * Copyright (C) 2010-2020 DBeaver Corp and others
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.jkiss.dbeaver.ext.mssql.model;
+
+import org.jkiss.dbeaver.model.impl.net.SSLHandlerImpl;
+
+public class SQLServerSSLHandlerImpl extends SSLHandlerImpl {
+}