Our CFML Server is hosted by Viviotech.
In another location, a Microsoft SQL Server on the Azure cloud.
Because the database stores HIPAA protected information, we need to apply the “Always-Encrypted” setting to the Database and encrypt certain columns in certain tables.
MY QUESTION:
Has anyone configured a datasource in Lucee - to 1) employ an “Always-Encrypted” MS DB where 2) the key is located on Azure Key Vault?
On CF2018, this is the error we get when I add mssql-jdbc-9.2.1.jre11.jar and try to configure ColdFusion’s “Other” DSN via their UI and custom connection strings.
Invalid key store provider name: AZURE_KEY_VAULT. A key store provider name must denote either a system key store provider or a registered custom key store provider. Valid system key provider names are: ,[MSSQL_CERTIFICATE_STORE]. Valid (currently registered) custom key store provider names are: null. Please verify key store provider information in column master key definitions in the database, and verify all custom key store providers used in your application are registered properly.
We’ve configured a NON-COLDFUSION client to connect and decrypt data from this server successfully, so it doesn’t seem to be a permissions issue there (the first thing we fixed)
I’ve been telling this client about Lucee (which I use elsewhere) for years. I was just told by Adobe support that Always-Encrypted feature is not supported in CF2018, so this is a good time to pounce!