For enhanced security, Cloud SQL for SQL Server now supports TLS connections to Active Directory endpoints without requiring server certificate trust or the use of IP addresses

## Feature For enhanced security, Cloud SQL for SQL Server now supports [TLS connections](https://cloud.google.com/sql/docs/sqlserver/authorize-ssl) to Active Directory endpoints without requiring server certificate trust or the use of IP addresses. Existing certificates will need to be rotated to use this feature. ## Feature You can now [set up custom DNS names by configuring the custom subject alternative name (SAN)](https://cloud.google.com/sql/docs/sqlserver/custom-dns-name) for your instance. After you set up DNS name resolution, you can connect to your Cloud SQL instance using the custom DNS name instead of using an IP address. This feature is available only for instances that are configured with the [customer-managed certificate authority (CA)](https://cloud.google.com/sql/docs/sqlserver/customer-managed-ca) (`CUSTOMER_MANAGED_CAS_CA`) option as its server CA mode. Custom SAN configuration for instances is [generally available](https://cloud.google.com/products#product-launch-stages) (GA).