Azure SQL数据库-对Azure VM SQL实例的弹性查询-SSL错误 [英] Azure SQL Database - Elastic Query to Azure VM SQL instance - SSL error
问题描述
我需要从Azure SQL数据库连接到已安装SQL Server实例的Azure VM.由于Azure SQL数据库不支持链接服务器,因此我采用了弹性查询方法.我设法设置了EXTERNAL DATA SOURCE并允许在端口1433上进行连接,但是当执行最简单的查询时,我收到以下错误消息: 从一个或多个分片中检索数据时出错.收到的根本错误消息是:'已成功与服务器建立连接,但是在登录过程中发生了错误.(提供者:SSL Provider,错误:0-证书链是由不受信任的机构发布的.)'."
I need to connect from an Azure SQL Database to an Azure VM that has a SQL Server instance installed. Since linked servers are not supported by Azure SQL Databases, I went with the elastic query approach. I managed setting up the EXTERNAL DATA SOURCE and allowed connections on port 1433 but when executing the most simple query I get the following error message: "Error retrieving data from one or more shards. The underlying error message received was: 'A connection was successfully established with the server, but then an error occurred during the login process. (provider: SSL Provider, error: 0 - The certificate chain was issued by an authority that is not trusted.)'."
这是受支持的方案吗?最后,我想将数据从VM中拉出到Azure SQL数据库中.
Is this a supported scenario? In the end I want to pull data out of the VM into the Azure SQL Database.
另外:使用VM的公共IP时,如何确保网络流量将保持在Azure数据中心内,这样就不会对2台SQL服务器之间的外部流量收费,或者这是无关紧要的两者都托管在Azure中?
Also: how can I be sure that the network traffic will stay within the Azure data center when using the public IP of the VM so that I won't be charged for external traffic between the 2 SQL servers, or is this irrelevant as both are hosted in Azure?
推荐答案
再次查询时出现异常:根据错误消息,您的VM上的SQL Server似乎未安装CA签名证书.弹性查询对其连接实施加密,并将信任服务器证书"设置为false.通过查看错误,我可以确定安装CA签名证书应该可以解决该问题.
Re the exception on your query: Based on the error message, this looks like the SQL Server on your VM does not have a CA signed certificate installed. Elastic query enforces encryption on its connections and it sets Trust Server Certificate to false. Installing a CA signed certificate should fix that issue from what I can tell by looking at the error.
重新网络通信:VM和Azure SQLDB数据库均在特定区域中创建.如果选择在同一区域中创建它们,则网络流量将在数据中心内部.如果您在不同地区创建它们,则将产生跨数据中心流量的费用.
Re network traffic: Both the VM and the Azure SQLDB database are created in a particular region. If you choose to create them in the same region, then the network traffic will be internal to the data center. If you create them in different regions, you will incur cost for cross-data center traffic.
希望这会有所帮助.
谢谢, 托斯滕
这篇关于Azure SQL数据库-对Azure VM SQL实例的弹性查询-SSL错误的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
