Support and certification

Visit the following web pages for the latest support and certification information.

Changes since the 6.0.0 release

  • Driver Enhancements
    • The driver now provides read-write access to the Synapse Data Warehouse endpoints of Microsoft Fabric. For connection URL examples and limitations, see Connection URL examples and Support for Microsoft Fabric.
    • The driver has been enhanced to comply with FIPS standards for data encryption. As part of this enhancement, the driver was tested with FIPS 140-3 enabled using a Red Hat OpenJDK 21 on a Red Hat Universal Base Image 9 instance. See FIPS (Federal Information Processing Standard) for details.
    • The driver has been enhanced to support managed identity authentication for Microsoft Entra ID (Azure Active Directory) resources. You can configure this authentication using the updated AuthenticationMethod and User connection properties. See Microsoft Entra ID authentication for details.
    • The driver has been enhanced to support the TLSv1.3 cryptographic protocol using SQL Server 2022. To enable TLSv1.3 encryption, set the EncryptionMethod property to the new value Strict. See EncryptionMethod for details.
    • The driver has been enhanced to support inserts into IDENTITY columns for data replication. You can enable inserts into IDENTITY columns defined as NOT FOR REPLICATION using the new EnableReplicationUser connection property. See Inserts into IDENTITY columns for data replication and EnableReplicationUser for details.
    • The driver has been enhanced to support Microsoft Entra ID authentication using service principal users. You can configure this feature using the refreshed AuthenticationMethod property, and the new ActiveDirectoryPrincipalID and ActiveDirectoryPrincipalSecret properties. See Microsoft Entra ID authentication for details.
    • The driver has been enhanced to support authentication using an access token. See Access token authentication for details.
    • The driver has been enhanced to support Windows Defender Credential Guard when using Kerberos Authentication. See Kerberos authentication for details.
    • The driver has been enhanced to support encrypted parameters in stored procedures when using the Always Encrypted feature.
    • The driver has been enhanced to support the Always Encrypted feature. Beginning with SQL Server 2016, Azure SQL and SQL Server databases support Always Encrypted, which allows sensitive data to be stored on the server in an encrypted state such that the data can only be decrypted by an authorized application. The following are highlights of this enhancement:
      • The driver detects all supported native data types stored in encrypted columns and transparently encrypts values bound to SQL parameters or decrypts values returned in results.
      • The driver supports configurable caching of column encryption keys for improved performance.
      • The driver supports using Java KeyStore and Azure Key Vault as keystore providers.
      You can enable support for Always Encrypted using the following new options: ColumnEncryption, AEKeyCacheTTL, AEKeystoreClientSecret, AEKeystoreLocation, AEKeystorePrincipalId, and AEKeystoreSecret. See Always Encrypted for details.
  • Changed Behavior
    • The connection property SpyAttributes has been updated to exclude the attribute load=classname, which was previously used to load the driver specified by the given class name. See SpyAttributes for details.
    • HostProcess is no longer supported as an alias for the ProgramID connection property.
    • ProgramName is no longer supported as an alias for the ApplicationName connection property.
    • The driver has been updated to require a Java Virtual Machine (JVM) that is Java SE 8 or higher, including Oracle JDK, OpenJDK, and IBM SDK (Java) distributions. See Requirements for more details on JVM.

      Java SE 7 has reached the end of its product life cycle and will no longer receive generally available security updates. As a result, the driver will no longer support JVMs that are version Java SE 7 or earlier. Support for distributed versions of Java SE 7 and earlier will also end.

    • Microsoft has rebranded Azure Active Directory as Microsoft Entra ID. As a result, the driver documentation has been updated to reflect this name change.

Changes for the 6.0.0 release

  • Driver Enhancements
    • The driver has been enhanced to transparently connect to Microsoft Azure Synapse Analytics and Microsoft Analytics Platform System data sources. See Azure Synapse Analytics and Analytics Platform System for more information about supported features and functionality.
    • The driver has been enhanced to support Always On Availability Groups. Introduced in SQL Server 2012, Always On Availability Groups is a replica-database environment that provides a high-level of data availability, protection, and recovery. See Always On Availability Groups for details on using the driver with this feature.
    • The driver is enhanced to support Microsoft Entra ID authentication using user names and passwords. Entra ID authentication is an alternative to SQL Server Authentication that allows administrators to centrally manage user permissions to Azure SQL Database data stores. See Microsoft Entra ID authentication for details.
    • The driver has been enhanced to support Kerberos constrained delegation. Constrained delegation is a Kerberos mechanism that allows a client application to delegate authentication to a second service. See Kerberos authentication and Constrained delegation for details.
  • Changed Behavior
    • For Kerberos authentication environments, the following changes have been implemented.
      • The driver no longer sets the java.security.auth.login.config system property to force the use of the installed JDBCDriverLogin.conf file as the JAAS login configuration file. By default, the driver now uses the default JAAS login configuration file for Java, unless you specify a different location and file using the java.security.auth.login.config system property.
      • The driver no longer sets the java.security.krb5.conf system property to force the use of the krb5.conf file installed with the driver jar files in the /lib directory of the product installation directory.
      See Kerberos authentication for details.