Sonarqube tool is connecting to SQL Server 2014 database using the default dependencies via local SQL Server account (User/Password).
Can you please confirm how does this database driver (dependency - that comes bundled with Sonarqube) secures the password in transit (on wire), between the Sonarqube and SQL Server 2014 Database?
In case these are hashed / encrypted, please detail the used algorithm (for hashing / encryption), key / random salt length and how the keys are / will be secured?
As understood, while establishing the connection to database, the database connection url can accept parameter ‘useSSL=true’ – if this is the way above can be achieved, then can you please confirm if this support TLS 1.2 ?