SqlPackageParams - System Parameter
Understanding SqlPackageParams
The SqlPackageParams system parameter controls SQL Server connection security settings during database deployments and updates. When Nodinite creates or updates Log Databases, it uses Microsoft's DacFX tooling to apply schema changes. SqlPackageParams configures how DacFX handles TLS/SSL encryption and certificate validation during these operations.
Why This Matters
Modern SQL Server deployments require encrypted connections to protect sensitive data in transit. However, certificate trust requirements vary across environments:
- Production: Strict certificate validation with trusted CA-signed certificates
- Development/Test: Self-signed certificates or relaxed trust requirements
- Cloud environments: Encrypted connections with platform-managed certificates
SqlPackageParams provides the flexibility to balance security with operational needs, ensuring database deployments succeed across all environments while maintaining your organization's security standards.
DacFX Version Compatibility
Microsoft introduced a compatibility break with version 161 of DacFX. To ensure seamless operation, you must use a matching set of binaries for both Nodinite and DacFX:
| DacFX Version | Nodinite Install and Update Tool | Nodinite |
|---|---|---|
| >= 161 | >= 6.0.0.5 | >= 5.4.1.26 |
| < 161 | < 6.0.0.5 | < 5.4.1.26 |
How It Works
The Nodinite Logging Service uses SqlPackageParams to configure database deployment connections. In Nodinite v7, the PowerShell installation scripts also use this parameter. This flexibility ensures you can tailor connectivity and security to your organization's requirements, supporting both compliance and operational efficiency.
Configuration
| System Parameter Name | Data Type | Values/Example | Comment |
|---|---|---|---|
| SqlPackageParams | json | JSON object as exemplified | Default = {"TargetTrustServerCertificate":true,"TargetEncryptConnection":true,"SourceTrustServerCertificate":false,"SourceEncryptConnection":true} |
This feature was introduced in version 5.4.1.26.
JSON Structure and Example
Parameter Descriptions
TargetTrustServerCertificate– Controls whether to trust the target server's certificate without validation. Default:true. Set tofalsein production environments with CA-signed certificates.TargetEncryptConnection– Enables TLS/SSL encryption for target database connections. Default:true. Always enabled for security compliance.SourceTrustServerCertificate– Controls whether to trust the source server's certificate without validation. Default:false. More restrictive to ensure source database integrity.SourceEncryptConnection– Enables TLS/SSL encryption for source database connections. Default:true. Always enabled for security compliance.
Example Configuration
{"TargetTrustServerCertificate":true,"TargetEncryptConnection":true,"SourceTrustServerCertificate":false,"SourceEncryptConnection":true}
Frequently Asked Questions
Find more solutions to common problems and the Nodinite System Parameters FAQ in the Troubleshooting user guide.
Where can I get the latest DacFX?
Please download and install the latest DacFX.
How do I change the value?
Changing a value for the pre-defined System Parameters is described in the generic How do I change the System Parameters article.