Re: SQL server cannot validate certificate
From: Donna Lambert [MS] (dlambert@online.microsoft.com)
Date: 08/08/02
- Next message: Donna Lambert [MS]: "RE: Users Logins"
- Previous message: Sue: "Audit trails for changed records"
- In reply to: Christopoulos Vassilios: "Re: SQL server cannot validate certificate"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: dlambert@online.microsoft.com (Donna Lambert [MS]) Date: Thu, 08 Aug 2002 14:05:28 GMT
Vassilis,
I ran this by one of the Directory Services engineers, and according to
them, they recommend you be at SP6a+SRP and IE 6.0 in order for
Certificates to function at their best.
It may just me a matter of where your cert is located, so use the article
Sue pointed you to and verify SQL will be able to find the cert.
Are you able to connect with SSL using just IE, for example, to another
secure location?
Do you have more than one cert on this box?
Donna Lambert
Microsoft SQL Server Support
Disclaimer:
This posting is provided “AS IS” with no warranties, and confers no rights.
Are you secure? For information about the Microsoft Strategic Technology
Protection Program and to order your FREE Security Tool Kit, please visit
http://www.microsoft.com/security.
Recent viruses on the Internet underscore the threat to all computer users
and highlight challenges facing the entire industry in providing security
that everyone needs to conduct business. I encourage you to sign up to
receive automatic notification of Microsoft Security Bulletins by visiting
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/
bulletin/notify.asp. For more information on security, our Strategic
Technology Protection Program and to order your FREE Security Tool Kit,
please visit http://www.microsoft.com/security. We will be happy to answer
any questions or provide assistance with your security needs.
--------------------
| Content-Class: urn:content-classes:message
| From: "Christopoulos Vassilios"
<vassilis.christopoulos@intrasoft-intl.com>
| Sender: "Christopoulos Vassilios"
<vassilis.christopoulos@intrasoft-intl.com>
| References: <621901c2363a$f6941c60$9de62ecf@tkmsftngxs01>
<0vkbkuonvt0j4rcq04q4ibac4f7764povv@4ax.com>
| Subject: Re: SQL server cannot validate certificate
| Date: Tue, 30 Jul 2002 22:22:58 -0700
| Lines: 89
| Message-ID: <305201c23852$54fe2250$95e62ecf@tkmsftngxs02>
| MIME-Version: 1.0
| Content-Type: text/plain;
| charset="iso-8859-1"
| Content-Transfer-Encoding: 7bit
| X-Newsreader: Microsoft CDO for Windows 2000
| X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200
| Thread-Index: AcI4UlT+dp5U8o5VTBCgI89hAXCpag==
| Newsgroups: microsoft.public.sqlserver.security
| NNTP-Posting-Host: tkmsftngxs02 127.0.0.1
| Path: cpmsftngxa07!tkmsftngxs02
| Xref: cpmsftngxa07 microsoft.public.sqlserver.security:7324
| X-Tomcat-NG: microsoft.public.sqlserver.security
|
| Actually, we have gone through all related articles in KB.
| We've checked multiple times our
| installation/configuration according to those KB articles,
| plus aplied all latest patches. But the problem is still
| there.
| So, we have started to believe that SSL does not work when
| the SQL Server 2000 is running on a Win NT 4.0 server (as
| I mentioned before, it works perfectly on W2K server).
|
| Has anyone managed to run SQL Server 2000 on Win NT 4.0
| with the "Force Protocol Encryption" option set? Did you
| make any special configuration (which is probably not
| described anywhere?)
|
| Thanks
|
| Vassilis
|
|
| >-----Original Message-----
| >You may want to check the steps under the topic: How SQL
| >Server Verifies that a Certificate is Valid in the
| following
| >KB article:
| >INF: How SQL Server Uses a Certificate When the Force
| >Protocol Encryption Option is Set On
| >http://support.microsoft.com/?scid=kb;en-us;Q318605
| >
| >-Sue
| >
| >On Sun, 28 Jul 2002 06:30:39 -0700, "Vassilios
| >Christopoulos" <vassilis.christopoulos@intrasoft-intl.com>
| >wrote:
| >
| >>
| >>Dear all,
| >>
| >>I do have a problem to use SSL encryption on SQL Server
| >>2000 running on Win NT 4.0 server.
| >>More specifically, the SQL server CANNOT START when
| >>the "Force Protocol Encryption" is set ON. The following
| >>errors appeas in the Event log:
| >>
| >>----
| >>17120 :
| >>SQL Server could not spawn FRunCM thread.
| >>
| >>Error: 17826, Severity: 18, State: 1
| >>Could not set up Net-Library 'SSNETLIB'.
| >>
| >>19015 :
| >>Encryption requested but no valid certificate was found.
| >>SQL Server terminating.
| >>
| >>Encryption requested but no valid certificate was found.
| >>SQL Server terminating.
| >>----
| >>
| >>Note that:
| >>- A certificate has been obtained from a trusted
| authority
| >>and appears to be OK.
| >>- We are running SQL Server 2000 SP2 with latest hotfix
| >>applied (8.00.0655).
| >>- The SQL server is running on a Windows NT Server 4.00
| >>SP6a.
| >>
| >>Note that the problem does not appear when the SQL
| server
| >>is running on Windows 2000 Server (and the other
| >>configuration remains the same + certificate obtained
| from
| >>same trusted authority). Does SSL encryption work on Win
| >>NT 4.00 server? Any idea, what the problem might be?
| >>
| >>Thank you in advance
| >>
| >>Best regards,
| >>
| >>Vassilios Christopoulos
| >>
| >>
| >>
| >>
| >>
| >>
| >
| >.
| >
|
- Next message: Donna Lambert [MS]: "RE: Users Logins"
- Previous message: Sue: "Audit trails for changed records"
- In reply to: Christopoulos Vassilios: "Re: SQL server cannot validate certificate"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
