Certificates in SQL Server 2008

Posted by Brandi on Server Fault See other posts from Server Fault or by Brandi
Published on 2010-06-08T19:26:30Z Indexed on 2010/06/08 19:32 UTC
Read the original article Hit count: 231

I need to implement SSL for transmissions between my application and Sql Server 2008.

I am using Windows 7, Sql Server 2008, Sql Server Management Studio, and my application is written in c#.

I was trying to follow the MSDN page on creating certificates and this under 'Encrpyt for a specific client', but I got hopelessly confused. I need some baby steps to get further down the road to implementing encryption successfully.

First, I don't understand MMC. I see a lot of certificates in there... are these certificates that I should be using for my own encryption or are these being used for things that already exist? Another thing, I assume all these certificates are files are located on my local computer, so why is there a folder called 'Personal'?

Second, to avoid the above issue, I did a little experiment with a self-signed assembly. As shown in the MSDN link above, I used SQL executed in SSMS to create a self-signed certificate. Then I used the following connection string to connect:

 Data Source=myServer;Initial Catalog=myDatabase;User ID=myUser;Password=myPassword;Encrypt=True;TrustServerCertificate=True

It connected, worked. Then I deleted the certificate I'd just created and it still worked. Obviously it was never doing anything, but why not? How would I tell if it's actually "working"? I think I may be missing an intermediate step of (somehow?) getting the file off of SSMS and onto the client?

I don't know what I'm doing in the least bit, so any help, advice, comments, references you can give me are much appreciated.

Thank you in advance. :)

© Server Fault or respective owner

Related posts about sql-server

Related posts about ssl