Re: How to (completely) turn off protocol encryption in SQL Server? (the checkbox in server network utility is unchecked)
From: Jasper Smith (jasper_smith9_at_hotmail.com)
Date: 03/25/05
- Next message: Chris Weber [Security MVP]: "Re: Web and SQL Security"
- Previous message: Begie: "Security on view to other database on same sqlserver"
- In reply to: ron.bennatan_at_gmail.com: "How to (completely) turn off protocol encryption in SQL Server? (the checkbox in server network utility is unchecked)"
- Next in thread: Ron: "Re: How to (completely) turn off protocol encryption in SQL Server? (the checkbox in server network utility is unchecked)"
- Reply: Ron: "Re: How to (completely) turn off protocol encryption in SQL Server? (the checkbox in server network utility is unchecked)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 25 Mar 2005 16:33:42 -0000
Even with encryption switched off, the login handshake will still be
encrypted if a certificate is present. Being a CA it must have at least the
CA certificate still present which I guess would be the cause of what you
are seeing. Without removing the CA I'm not sure if you would be able to get
back to the fully unencrypted login. Out of interest, what problems if any
is this causing?
-- HTH Jasper Smith (SQL Server MVP) http://www.sqldbatips.com I support PASS - the definitive, global community for SQL Server professionals - http://www.sqlpass.org <ron.bennatan@gmail.com> wrote in message news:1111705336.707763.301980@f14g2000cwb.googlegroups.com... > Hi, > > I am trying to revert back to a completely unencrypting state in SQL > Server - and am not succeeding. Aparently, there are some "left overs" > that I am not able to get rid of. Of course I unchecked the Force > Protocol Encryption option in the Server network utility and I even > went a step further in that I added the Certificate key to the registry > under SuperSocketNetLib and even deleted all the certificates from the > local machine. > > Here are the details of what I did and what I can't get rid of: > > - I am running SQL Server 2000 SP 3 build 760 > - The machine I am running SQL Server on is also running a CA server > - A while back I enabled protocol encryption and installed a server > authentication certificate by the DNS name of the box; all worked fine > - I then disabled protocol encryption > - I added an entry to the registry as: > > [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSSQLServer\MSSQLServer\SuperSocketNetLib] > "Certificate"="0" > > - I also tried it as dword > - I deleted the certificate using mmc > - I restarted SQL Server > > My problem is that _some_ of the protocol is still being encrypted. > Specifically, while most of the connection is not being encrypted, the > initial handshake between the client and the server is still encrypted. > > How do I revert back to the original state where nothing is being > encrypted or modified? > > Thanks very much for any help, > -Ron >
- Next message: Chris Weber [Security MVP]: "Re: Web and SQL Security"
- Previous message: Begie: "Security on view to other database on same sqlserver"
- In reply to: ron.bennatan_at_gmail.com: "How to (completely) turn off protocol encryption in SQL Server? (the checkbox in server network utility is unchecked)"
- Next in thread: Ron: "Re: How to (completely) turn off protocol encryption in SQL Server? (the checkbox in server network utility is unchecked)"
- Reply: Ron: "Re: How to (completely) turn off protocol encryption in SQL Server? (the checkbox in server network utility is unchecked)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
