web
You’re offline. This is a read only version of the page.
close
Skip to main content

Notifications

Announcements

Welcome to the Power Platform Communities
Season of Giving Solutions is Here!
Explore Copilot Studio Forums, Blogs & Galleries!
News and Announcements icon
Community site session details

Community site session details

Session Id :
Power Platform Community / Forums / Power Apps / On-Premises Data Gatew...
Power Apps
Unanswered

On-Premises Data Gateway and SQL Server Ephemeral Self-signed Certs

(1) ShareShare
ReportReport
Posted on by A. Marc Scirri 7
We have an on-premises data gateway used by Power Apps and Power BI. We want to force encryption on all of our SQL connections, but because all data transmissions are internal, we are comfortable using the SQL Server Ephemeral Self-Signed cert. A new cert gets recreated each time SQL Server restarts.  Our non-prod VMs spin down every evening.   It appears that there is no equivillant of a "Trust Server Certificate" flag that you can set on the gateway, so to enforce encryption between the SQL Server and the gateway server, the cert used for encryption needs to be exported from SQL Server, installed on the gateway server, and trusted. 
 
We don't want to have to manage another set of certs, and this is the only thing in our environment that does not appear to natively support the SQL Server ephemeral certs.  
 
Has anyone discovered a work-around for this scenario?
Categories:
Connector development
7-1-2025_ 10.41.1...
I have the same question (0)
  • stampcoin Profile Picture
    stampcoin 5,058 Super User 2025 Season 2 on at
    Please clarify if the SQL Server and the gateway server are on the same domain.
    If on the same domain, consider use AD-CS to issue the cert for SQL and gateway server.
     
  • A. Marc Scirri Profile Picture
    A. Marc Scirri 7 on at
    They are on the same domain. I am trying to figure out how to get the gateway to trust the ephemeral cert before I explore other methods. 
  • stampcoin Profile Picture
    stampcoin 5,058 Super User 2025 Season 2 on at
    Assume that you already enable the  Encryption in SQL Server Configuration Manager.
    There is a config file, you can try to add the sql server in that file.
    Path(default): C:\Program Files\On-premises data gateway\Microsoft.PowerBI.DataMovement.Pipeline.GatewayCore.dll.config
    try to use IP or sqlservername@domain.com for example.
     
  • A. Marc Scirri Profile Picture
    A. Marc Scirri 7 on at
    I'm going to give that a shot. Now I need to learn how to force my Power App SQL Connector object to connect using encryption. 

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

News and Announcements

Welcome to the Power Platform Communities
Season of Giving Solutions is Here!
Explore Copilot Studio Forums, Blogs & Galleries!

Quick Links

Forum hierarchy changes are complete!

In our never-ending quest to improve we are simplifying the forum hierarchy…

Ajay Kumar Gannamaneni – Community Spotlight

We are honored to recognize Ajay Kumar Gannamaneni as our Community Spotlight for December…

Congratulations to the November Top 10 Community Leaders!

These are the community rock stars!

Leaderboard > Power Apps

#1
WarrenBelz Profile Picture

WarrenBelz 739 Most Valuable Professional

#2
Michael E. Gernaey Profile Picture

Michael E. Gernaey 343 Super User 2025 Season 2

#3
Power Platform 1919 Profile Picture

Power Platform 1919 268

Last 30 days Overall leaderboard

Featured topics

Auto-Populate field Power Pages
Gallery Tabs - Show or Hide Tabs based on Field Value
How to patch multiple records at once
Enable Copilot for end users in model-driven apps
Question for everyone : How are you using Create Text GPT in AI Builder?
Community content - sample components, blogs etc. - Link to this page (http://aka.ms/PCFdemos)
Welcome to the Power Apps forum!

Product updates

Microsoft Power Platform Community release plans