I've done a lot of research on the web about this, and I haven't really found any clear answers. Hopefully someone out there can help clarify the setup.
Here is the scenario - we want to have encrypted communications between clients and our SQL Server.
- Our server has SQL 2008 R2 installed on Windows Server 2008.
- In SQL Server Configuration Manager, under SQL Server Network Configuration, under Protocols for MSSQLSERVER, in the Flags tab, Force Encryption is set to Yes. In the Certificate tab, we selected the certificate that we obtained from our certificate
authority. I have also verified that when SQL Server was restarted, the certificate was successfully loaded (there is a message in the SQL Server log that says so). We have also verified that the communications between clients and the SQL
Server are in fact encrypted (via the use of a sniffer tool - in this case, Ethereal).
Here are my questions:
1) Does all of that setup above ensure that the encrypted communications are not using any self-signed certificates (and only the provisioned certificate is being used)? So really nothing is required as far as the client setup (all of the config
is on the server)?
2) On the server, in SQL Server Configuration Manager, when you right-click on SQL Native Client 10.0 Configuration, there is also an option for "
View Complete Post