I have an MSSQL 2000 server that has an SSL certificate. In the SQL
Server network utility, 'Force protocol encryption' is checked.
Looking at the traffic with Wireshark, it's no longer in plain text.
However, the certificate is issued to say a.mydomain.com.
If I create a dns record such that b.mydomain.com resolves to the same
address and then use Query Analyzer to connect to b.mydomain.com
everything still works. I get no sort of warning like I would if I
used a web browser to visit an https site where the certificate had
been issued to a different name.
Is this to be expected?
View Complete Post