# Installing the database

Several external [prerequisites-and-overview](https://docs.sonarsource.com/sonarqube-server/10.4/requirements/prerequisites-and-overview "mention") are supported. Be sure to follow the requirements listed for your database. They are real requirements not recommendations.

Create an empty schema and a `sonarqube` user. Grant this `sonarqube` user permissions to `create`, `update`, and `delete` objects for this schema.

<details>

<summary>Microsoft SQL Server</summary>

{% hint style="warning" %}
Collation **MUST** be case-sensitive (CS) and accent-sensitive (AS).

`READ_COMMITED_SNAPSHOT` **MUST** be set on the SonarQube database.
{% endhint %}

MS SQL database’s shared lock strategy may impact SonarQube runtime. Making sure that `is_read_committed_snapshot_on` is set to `true` to prevent SonarQube from facing potential deadlocks under heavy loads.

Example of query to check `is_read_committed_snapshot_on`:

```css-79elbk
SELECT is_read_committed_snapshot_on FROM sys.databases WHERE name='YourSonarQubeDatabase';
```

Example of query to update `is_read_committed_snapshot_on`:

```css-79elbk
ALTER DATABASE YourSonarQubeDatabase SET READ_COMMITTED_SNAPSHOT ON WITH ROLLBACK IMMEDIATE;
```

#### Encryption <a href="#encryption" id="encryption"></a>

*If your Microsoft SQL Server doesn’t support encryption*, you must add `encrypt=false` to the JDBC URL connection string.

*If your Microsoft SQL Server requires encryption but* you don’t want SonarQube to validate the certificate, you must add `trustServerCertificate=true` to the JDBC URL connection string.

#### Integrated security <a href="#integrated-security" id="integrated-security"></a>

To use integrated security:

1. Download the [Microsoft SQL JDBC Auth 12.4.2 package](https://github.com/microsoft/mssql-jdbc/releases/download/v12.4.2/mssql-jdbc_auth.zip) and copy `mssql-jdbc_auth-12.4.2.x64.dll` to a folder location set in the PATH environment variable on the SonarQube server host.
2. *If you’re running SonarQube as a Windows service*, make sure the Windows account under which the service is running has permission to connect your SQL server.
3. Ensure that `sonar.jdbc.username` or `sonar.jdbc.password` properties are commented out or SonarQube will use SQL authentication.

```css-79elbk
sonar.jdbc.url=jdbc:sqlserver://localhost;databaseName=sonar;integratedSecurity=true
```

#### SQL authentication <a href="#sql-authentication" id="sql-authentication"></a>

To use SQL authentication, use the following connection string. Also, ensure that `sonar.jdbc.username` and `sonar.jdbc.password` are set appropriately:

```css-79elbk
sonar.jdbc.url=jdbc:sqlserver://localhost;databaseName=sonar
sonar.jdbc.username=sonarqube
sonar.jdbc.password=mypassword
```

</details>

<details>

<summary>Oracle</summary>

If there are two SonarQube schemas on the same Oracle instance, especially if they are for two different versions, SonarQube gets confused and picks the first it finds. To avoid this issue:

* Either privileges associated to the SonarQube Oracle user should be decreased.
* Or a trigger should be defined on the Oracle side to automatically alter the SonarQube Oracle user session when establishing a new connection: `ALTER SESSION SET current_schema="MY_SONARQUBE_SCHEMA"`.

{% hint style="warning" %}
Oracle JDBC driver versions 12.1.0.1 and 12.1.0.2 have major bugs, and are not recommended for use with SonarQube ([**see more details**](https://groups.google.com/forum/#!msg/sonarqube/Ahqt1iarqJg/u0BVRJZnBQAJ)).
{% endhint %}

</details>

<details>

<summary>PostgreSQL</summary>

If you want to use a custom schema and not the default "public" one, the PostgreSQL `search_path` property must be set:

```css-79elbk
ALTER USER mySonarUser SET search_path to mySonarQubeSchema
```

</details>