We need to secure a SQL server using an SSL certificate and I understand there are a couple of ways of doing it. One of which is having SQL Server generate a self-signed certificate which exposes the man-in-the-middle attack vulernability.
Thus we want to avoid this approach. My question is, can we just allow the Windows Server 2003 we are running to be configured to be a Ceriifcate Authority and ust it create an SSL certificate. Is that just a secure as getting an
SSL certificate from a third party company such as Verisign? If it is better to go with a third party company, how do you get a certificate from them when it is not going to be used for a website?
NickNick's Programming Tips
View Complete Post