# Installing the database

Several external database engines are supported. Check the respective [database-requirements](https://docs.sonarsource.com/sonarqube-server/10.8/setup-and-upgrade/installation-requirements/database-requirements "mention").

Create an empty schema and a `sonarqube` user. Grant this `sonarqube` user permissions to `create`, `update`, and `delete` objects for this schema.

<details>

<summary>Microsoft SQL Server</summary>

{% hint style="warning" %}
Collation **MUST** be case-sensitive (CS) and accent-sensitive (AS).

`READ_COMMITTED_SNAPSHOT` **MUST** be set on the SonarQube Server database.
{% endhint %}

MS SQL database’s shared lock strategy may impact SonarQube Server runtime. Making sure that `is_read_committed_snapshot_on` is set to `true` to prevent SonarQube Server from facing potential deadlocks under heavy loads.

Example of query to check `is_read_committed_snapshot_on`:

```css-79elbk
SELECT is_read_committed_snapshot_on FROM sys.databases WHERE name='YourSonarQubeDatabase';
```

Example of query to update `is_read_committed_snapshot_on`:

```css-79elbk
ALTER DATABASE YourSonarQubeDatabase SET READ_COMMITTED_SNAPSHOT ON WITH ROLLBACK IMMEDIATE;
```

#### Encryption <a href="#encryption" id="encryption"></a>

*If your Microsoft SQL Server doesn’t support encryption*, you must add `encrypt=false` to the JDBC URL connection string.

*If your Microsoft SQL Server requires encryption but* you don’t want SonarQube Server to validate the certificate, you must add `trustServerCertificate=true` to the JDBC URL connection string.

#### Integrated security <a href="#integrated-security" id="integrated-security"></a>

To use integrated security:

1. Download the [Microsoft SQL JDBC Auth 12.8.1 package](https://github.com/microsoft/mssql-jdbc/releases/download/v12.8.1/mssql-jdbc_auth.zip) and copy `mssql-jdbc_auth-12.6.3.x64.dll` to a folder location set in the PATH environment variable on SonarQube Server host.
2. *If you’re running SonarQube Server as a Windows service*, make sure the Windows account under which the service is running has permission to connect your SQL server.
3. Ensure that `sonar.jdbc.username` or `sonar.jdbc.password` properties are commented out or SonarQube Server will use SQL authentication.

```css-79elbk
sonar.jdbc.url=jdbc:sqlserver://localhost;databaseName=sonar;integratedSecurity=true
```

#### SQL authentication <a href="#sql-authentication" id="sql-authentication"></a>

To use SQL authentication, use the following connection string. Also, ensure that `sonar.jdbc.username` and `sonar.jdbc.password` are set appropriately:

```css-79elbk
sonar.jdbc.url=jdbc:sqlserver://localhost;databaseName=sonar
sonar.jdbc.username=sonarqube
sonar.jdbc.password=mypassword
```

</details>

<details>

<summary>Oracle</summary>

If there are two SonarQube Server schemas on the same Oracle instance, especially if they are for two different versions, SonarQube Server gets confused and picks the first it finds. To avoid this issue:

* Either privileges associated to the SonarQube Server’s Oracle user should be decreased.
* Or a trigger should be defined on the Oracle side to automatically alter the SonarQube Server’s Oracle user session when establishing a new connection: `ALTER SESSION SET current_schema="MY_SONARQUBE_SCHEMA"`.

{% hint style="warning" %}
Oracle JDBC driver versions 12.1.0.1 and 12.1.0.2 have major bugs, and are not recommended for use with SonarQube Server ([**see more details**](https://groups.google.com/forum/#!msg/sonarqube/Ahqt1iarqJg/u0BVRJZnBQAJ)).
{% endhint %}

</details>

<details>

<summary>PostgreSQL</summary>

* Must be configured to use UTF-8 charset.
* If you want to use a custom schema and not the default "public" one, the PostgreSQL `search_path` property must be set:

```css-79elbk
ALTER USER mySonarUser SET search_path to mySonarQubeSchema
```

</details>