Location: BlogsDevelopments
Posted by: TM Central	12/11/2007 4:37 PM
So you want to open your SQL server to the outside, but don't want the whole world to read your data? There's a BUNCH of information out there but its not all together... A bit here or there... So below I've lined up the best ones we've found: http://blogs.msdn.com/sql_protocols/ http://msdn2.microsoft.com/en-us/library/ms131691.aspx http://msdn2.microsoft.com/en-us/library/ms130822.aspx http://blogs.msdn.com/sql_protocols/archive/2005/12/30/508311.aspx http://support.microsoft.com/kb/316898 To force or allow a SQL Client to accept a non-standard cert, follow this link, http://www.connectionstrings.com/?carrier=sqlserver2005, and look for "Encrypt data sent over network". Now what is not documented here is not the "Encrypt=yes;" command and the "TrustServerCertificate=true;" also apply to ADO.NET AS WELL AS SQL NATIVE CLIENT! The "encrypt" forces the client to encrypt all communications with the given SQL Key (see links above for that), while the "TrustServerCertificate" means that a self-generated Cert by the SQL Server will be accepted for all comm without it being in the Certificate Store(as opposed to just using the non-trust cert for the auth as documented in http://msdn2.microsoft.com/en-us/library/ms131691.aspx) Now you know how to enable encryption, but how do you generate your key for SQL Server to use? There are the "standard" ways (i.e., purchase), but OpenSSL can generate that all important "Root Cert" for your site. See below: http://www.somacon.com/p41.php http://msdn2.microsoft.com/en-gb/library/aa386968.aspx http://www.top20toolbar.com/misc/codesigncert.htm Installing Root Certs on a Windows Mobile Device: http://support.microsoft.com/kb/915840
Permalink |  Trackback