Re: ADO.NET security in Windows App?
From: Dominick Baier [DevelopMentor] (dbaier_at_pleasepleasenospamdevelop.com)
Date: 06/28/05
- Next message: Rob R. Ainscough: "Re: ADO.NET security in Windows App?"
- Previous message: Rob R. Ainscough: "Re: ADO.NET security in Windows App?"
- In reply to: Rob R. Ainscough: "Re: ADO.NET security in Windows App?"
- Next in thread: Rob R. Ainscough: "Re: ADO.NET security in Windows App?"
- Reply: Rob R. Ainscough: "Re: ADO.NET security in Windows App?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 28 Jun 2005 14:08:38 -0700
Hello Rob,
this depends on how you address the web server - the cert has the DNS name
embedded -exactly the name that clients use to connect to the server - if
that is the same name for www and sql - you could use the same one.
---------------------------------------
Dominick Baier - DevelopMentor
http://www.leastprivilege.com
> Found the article on how to enable SSL on SQL Server -- not clear on
> the certificate? Does the certificate need to be different than what
> is used on the web server (IIS)? In my case the SQL Server and Web
> Server are located on the same server box. So I would need to
> purchase 2 certificates?
>
> "Dominick Baier [DevelopMentor]"
> <dbaier@pleasepleasenospamdevelop.com> wrote in message
> news:526574632555904470267683@news.microsoft.com...
>
>> Hello Rob,
>>
>> that's a SQL server configuration. Consult SQL Server Books Online
>> (BOL). You have to install a certificate for sql server in the cert
>> store of the service account.
>>
>> If you can't find any useful information on how to do this - get back
>> to me.
>>
>> ---------------------------------------
>> Dominick Baier - DevelopMentor
>> http://www.leastprivilege.com
>>> So do I specify in my connection string "Integrated Security=SSL" ?
>>>
>>> As usual, my MSDN search provides a bunch of information not
>>> relevant to my search criteria -- MSDN is becoming more more useless
>>> -- I get better search hit using Google -- frustrating.
>>>
>>> "Dominick Baier [DevelopMentor]"
>>> <dbaier@pleasepleasenospamdevelop.com> wrote in message
>>> news:523796632555552049163721@news.microsoft.com...
>>>
>>>> Hello Rob,
>>>>
>>>> SQL communication is clear text. This includes the initial password
>>>> in the connection string as well as all data you send between
>>>> client/server.
>>>>
>>>> You have two options if you want to secure the data
>>>>
>>>> - IPSec tunnel between the two parties
>>>> - Enable SSL in SQL Server
>>>> ---------------------------------------
>>>> Dominick Baier - DevelopMentor
>>>> http://www.leastprivilege.com
>>>>> I've coded a VB.NET windows service that uses ADO.NET to
>>>>> communicate
>>>>> with both a MS Access database and an MS SQL Server 2000 database.
>>>>> I'm using SQL Authentication to validate access, but I'm not sure
>>>>> what
>>>>> options I have (if any) to secure the data
>>>>> transmission/communicate
>>>>> between my Windows Service and the SQL Server.
>>>>> I know with my web apps I can uses SSL, but what about standard
>>>>> .NET
>>>>> Windows apps -- do I have anyway to secure the data transmission
>>>>> to/from the SQL Server?
>>>>> Thanks,
>>>>>
- Next message: Rob R. Ainscough: "Re: ADO.NET security in Windows App?"
- Previous message: Rob R. Ainscough: "Re: ADO.NET security in Windows App?"
- In reply to: Rob R. Ainscough: "Re: ADO.NET security in Windows App?"
- Next in thread: Rob R. Ainscough: "Re: ADO.NET security in Windows App?"
- Reply: Rob R. Ainscough: "Re: ADO.NET security in Windows App?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
