RE: SQL Server & SSL & Fully Qualified Domain Name
From: Kevin McDonnell [MSFT] (kevmc_at_online.microsoft.com)
Date: 07/22/04
- Next message: Kevin McDonnell [MSFT]: "RE: install ssl -> SQL-Server locked -> recovery?"
- Previous message: Steve Thompson: "Re: How to Encrypt a SQL Server 2000 Database"
- In reply to: bb: "RE: SQL Server & SSL & Fully Qualified Domain Name"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 22 Jul 2004 18:50:45 GMT
Prev Post.
However when I remove the server force and apply the force on the Client
Connection Utility - I get this : [DBNETLIB]SSL Security error.
I did some research and found that the client MUST trust the CA, and
Thawte's temp certs arent trusted, so I attempted to import the test CA
into my trust store, and see if that worked, and it did not. Although I am
not sure I did it correct. I am wondering if this is fact the problem, that
my client doenst fully trust the test cert, what do you think?
-- Yes. This is true. If you enable the Force Protocol Encryption option
on the client, then the client MUST trust the same root authority that
issued the cert. So, you need to update the Trusted Root Authorithy on the
client machine.
276553 HOW TO: Enable SSL Encryption for SQL Server 2000 with Certificate
Server
http://support.microsoft.com/?id=276553
Thanks,
Kevin McDonnell
Microsoft Corporation
This posting is provided AS IS with no warranties, and confers no rights.
- Next message: Kevin McDonnell [MSFT]: "RE: install ssl -> SQL-Server locked -> recovery?"
- Previous message: Steve Thompson: "Re: How to Encrypt a SQL Server 2000 Database"
- In reply to: bb: "RE: SQL Server & SSL & Fully Qualified Domain Name"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
