Add SQL Server 2025 encryption options to sqlcmd calls in PostProcess.cmd

.gitignore

@@ -176,3 +176,4 @@ NexusReports/NexusReports.rptproj.rsuser
 # .data files from Report Builder preview
 /NexusReports/*.rdl.data
 
+.nuget/

sqlnexus/GenerateSqlHashes.ps1

@@ -5,6 +5,6 @@ Write-Output "Paste the following into ScriptIntegrity.cs:"
 Write-Output "`tprivate static readonly Dictionary<string, string> ScriptHashes = new Dictionary<string, string>(StringComparer.OrdinalIgnoreCase) {"
 foreach ($file in $sqlFiles) {
     $hash = (Get-FileHash $file.FullName -Algorithm SHA256).Hash.ToUpper()
-    Write-Output "`t`t{ `"$($file.Name)`", `"$hash`" },"
+    Write-Output "`t`t{ Application.StartupPath + `"\`\`"` + `"$($file.Name)`", `"$hash`" },"
 }
 Write-Output "`t};"

sqlnexus/PostProcess.cmd

@@ -3,6 +3,8 @@
 set SQLServer=%1
 set Database=%2
 set ImportPath=%3
+set EncryptConnection=%4
+set TrustServerCertificate=%5
 
 rem adding +++ so they can be used as a line separator by the code
 @echo %date% %time% parameters: %SQLServer% %Database% %ImportPath% +++
@@ -18,15 +20,22 @@ if "%filepath%"=="" goto usage
 
 @echo %date% %time% SQL Nexus PostProcessing +++
 
+rem Build optional sqlcmd encryption options (compatible with all sqlcmd versions)
+set "SQLCMD_ENCRYPTION_OPTS="
+if /i %EncryptConnection%=="true" set "SQLCMD_ENCRYPTION_OPTS=%SQLCMD_ENCRYPTION_OPTS% -N"
+if /i %TrustServerCertificate%=="true" set "SQLCMD_ENCRYPTION_OPTS=%SQLCMD_ENCRYPTION_OPTS% -C"
+
 @echo %date% %time% Creating tblPlansTemp +++
-sqlcmd.exe -S%SQLServer% -E -d%Database% -Q"create table tblPlansTemp (sqlplan xml)"
+sqlcmd.exe -S%SQLServer% -E -d%Database% %SQLCMD_ENCRYPTION_OPTS% -Q"create table tblPlansTemp (sqlplan xml)"
 
 @echo %date% %time% Inserting into tblPlansTemp +++
-for /f %%j in ('dir /b "%ImportPath%\*.sqlplan"') do sqlcmd.exe -S%SQLServer%  -E -d%Database% -Q"insert into tblPlansTemp select  cast(cast (BulkColumn as varchar(max)) as xml) sqlplan from openrowset (bulk '%filepath%\%%j',single_blob) as doc"
+for /f %%j in ('dir /b "%ImportPath%\*.sqlplan"') do sqlcmd.exe -S%SQLServer%  -E -d%Database% %SQLCMD_ENCRYPTION_OPTS% -Q"insert into tblPlansTemp select  cast(cast (BulkColumn as varchar(max)) as xml) sqlplan from openrowset (bulk '%filepath%\%%j',single_blob) as doc"
 
 @echo %date% %time% Calling SQLNexus_PostProcessing.sql +++
 
-sqlcmd.exe -S%SQLServer% -E -d%Database% -iSQLNexus_PostProcessing.sql 
+@echo %date% %time% sqlcmd parameters: %SQLServer% %Database% %SQLCMD_ENCRYPTION_OPTS% +++
+
+sqlcmd.exe -S%SQLServer% -E -d%Database% %SQLCMD_ENCRYPTION_OPTS% -iSQLNexus_PostProcessing.sql
 
 rem sqlcmd.exe -S%SQLServer% -E -otoptables.out -Q"set QUOTED_IDENTIFIER on; WITH XMLNAMESPACES ('http://schemas.microsoft.com/sqlserver/2004/07/showplan' AS sp)  select distinct  stmt.stmt_details.value ('@Database', 'varchar(max)') 'Database' ,  stmt.stmt_details.value ('@Schema', 'varchar(max)') 'Schema' ,   stmt.stmt_details.value ('@Table', 'varchar(max)') 'table'  from (  select sqlplan from tempdb.dbo.tblPlansTemp) as p       cross apply sqlplan.nodes('//sp:Object') as stmt (stmt_details) "
 

sqlnexus/ScriptIntegrity.cs

@@ -29,17 +29,16 @@ private static void Log(string msg, bool verbose = false)
         }
 
         // Store expected hashes for each allowed script
-
         private static readonly Dictionary<string, string> ScriptHashes = new Dictionary<string, string>(StringComparer.OrdinalIgnoreCase) {
-            { Application.StartupPath + "\\" + "PerfStatsAnalysis.sql", "37111E6F2052A2A7B15E26329475738B4E543FE66AFB7BA426639C062D9E81A1" },
-            { Application.StartupPath + "\\" + "ReadTracePostProcessing.sql", "770DE7883BEFFA30C81C5BF45433EFF4C121EF92796047C49AC459103517BB68" },
-            { Application.StartupPath + "\\" + "ReadTraceReportValidate.sql", "92A575503905D2CABEE18D1804D1DCDCACD12FACD912B16E1040C923AB168E02" },
-            { Application.StartupPath + "\\" + "SQLNexus_PostProcessing.sql", "BA659CE90DD602AD16C5A8F131D95C1A7D86AA00D764C68C3DE176C5AD0A4139" },
-            { Application.StartupPath + "\\" + "SQLNexus_PreProcessing.sql", "81465871D11C26E93329C5F60CBACED1311E97205B29CD8E5526273018168FF6" },
-            { Application.StartupPath + "\\" + "PostBuild.cmd", "741ABE8E8750EE4F010268B29C08B645EAB3EAE4E805D46CD5CA100926E00A48" },
-            { Application.StartupPath + "\\" + "PostProcess.cmd", "814ABCA4622978440172394F24AD6C81535D0C78E53D4356642704A95CD38C7F" },
-            { Application.StartupPath + "\\" + "PreBuild.cmd", "9C706DD338C5A3743C176E43F2C35FE765CF4719FBF33AF6FDAA811418B01187" }
-        };
+         { Application.StartupPath + "\\" + "PerfStatsAnalysis.sql", "37111E6F2052A2A7B15E26329475738B4E543FE66AFB7BA426639C062D9E81A1" },
+         { Application.StartupPath + "\\" + "ReadTracePostProcessing.sql", "770DE7883BEFFA30C81C5BF45433EFF4C121EF92796047C49AC459103517BB68" },
+         { Application.StartupPath + "\\" + "ReadTraceReportValidate.sql", "92A575503905D2CABEE18D1804D1DCDCACD12FACD912B16E1040C923AB168E02" },
+         { Application.StartupPath + "\\" + "SQLNexus_PostProcessing.sql", "BA659CE90DD602AD16C5A8F131D95C1A7D86AA00D764C68C3DE176C5AD0A4139" },
+         { Application.StartupPath + "\\" + "SQLNexus_PreProcessing.sql", "81465871D11C26E93329C5F60CBACED1311E97205B29CD8E5526273018168FF6" },
+         { Application.StartupPath + "\\" + "PostBuild.cmd", "741ABE8E8750EE4F010268B29C08B645EAB3EAE4E805D46CD5CA100926E00A48" },
+         { Application.StartupPath + "\\" + "PostProcess.cmd", "652A277F51640BC6AADCD47D88493B11BC17FF4B62DB470BE0A623BC32280A69" },
+         { Application.StartupPath + "\\" + "PreBuild.cmd", "9C706DD338C5A3743C176E43F2C35FE765CF4719FBF33AF6FDAA811418B01187" }
+     };
 
 
         // Returns true only if the file is listed and the hash matches

sqlnexus/fmImport.cs

@@ -1280,7 +1280,12 @@ private void RunPostProcessing(string sourcePath)
             psi.RedirectStandardOutput = true;
             psi.RedirectStandardError = true;
             psi.UseShellExecute = false;
-            psi.Arguments = string.Format("\"{0}\" \"{1}\" \"{2}\"", Globals.credentialMgr.Server, Globals.credentialMgr.Database, sourcePath);
+            psi.Arguments = string.Format("\"{0}\" \"{1}\" \"{2}\" \"{3}\" \"{4}\"",
+                Globals.credentialMgr.Server,
+                Globals.credentialMgr.Database,
+                sourcePath,
+                Globals.credentialMgr.EncryptConnection.ToString().ToLower(),
+                Globals.credentialMgr.TrustServerCertificate.ToString().ToLower());
 
             MainForm.LogMessage("Executing: PostProcess.cmd " + psi.Arguments);
             psi.FileName = Application.StartupPath + "\\PostProcess.cmd";

sqlnexus/fmLoginEx.cs

@@ -120,6 +120,9 @@ private void fmLoginEx_Load(object sender, EventArgs e)
             else
                 txtServerName.Text = Environment.MachineName;
 
+            chkEncryptConnection.Checked = Properties.Settings.Default.EncryptConnection;
+            chkTrustServerCertificate.Checked = Properties.Settings.Default.TrustCertificate;
+            chkTrustServerCertificate.Enabled = chkEncryptConnection.Checked;
         }
 
         private void chkEncryptConnection_CheckedChanged(object sender, EventArgs e)