Results 1 to 4 of 4
  1. #1
    Join Date
    Jul 2005
    Posts
    6

    Unanswered: Encrypt Connection with Certificate

    I have been trying to create a certificate for use with SQL2005. I found openSSL to create a cert but I am not sure how to use it.

    When I go into SQL Config Manager / Protocol Properties / Certificate Tab... I do not see any certificates. The list is empty. Where are these certs pulled from and how can I create one on my own?


    Here are the Reqs:

    Certificate Requirements

    For SQL Server 2005 to load a SSL certificate, the certificate must meet the following conditions:

    The certificate must be in either the local computer certificate store or the current user certificate store.

    The current system time must be after the Valid from property of the certificate and before the Valid to property of the certificate.

    The certificate must be meant for server authentication. This requires the Enhanced Key Usage property of the certificate to specify Server Authentication (1.3.6.1.5.5.7.3.1).

    The certificate must be created by using the KeySpec option of AT_KEYEXCHANGE. Usually, the certificate's key usage property (KEY_USAGE) will also include key encipherment (CERT_KEY_ENCIPHERMENT_KEY_USAGE).

    The Subject property of the certificate must indicate that the common name (CN) is the same as the host name or fully qualified domain name (FQDN) of the server computer. If SQL Server is running on a failover cluster, the common name must match the host name or FQDN of the virtual server and the certificates must be provisioned on all nodes in the failover cluster.

  2. #2
    Join Date
    May 2004
    Location
    Seattle
    Posts
    1,313

  3. #3
    Join Date
    Jul 2005
    Posts
    6

    cert

    Is this the cert that SQL is looking for? I thought it was a local computer cert generated through CA.

  4. #4
    Join Date
    Jul 2005
    Posts
    6

    conn

    Data Source=server.domain.com;Initial Catalog=master;User ID=SQLuser;Encrypt=True;TrustServerCertificate=Tru e

    this works but I want to create my own cert.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •