Skip to content
  • Categories
  • Recent
  • Tags
  • Popular
  • World
  • Users
  • Groups
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor
  • Default (No Skin)
  • No Skin
Collapse
Code Project
CODE PROJECT For Those Who Code
  • Home
  • Articles
  • FAQ
Community
  1. Home
  2. Database & SysAdmin
  3. Database
  4. How to Install SSL in Workgroup Environment for SQL Server?

How to Install SSL in Workgroup Environment for SQL Server?

Scheduled Pinned Locked Moved Database
databasesql-serversysadminsecuritytutorial
3 Posts 2 Posters 1 Views 1 Watching
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • D Offline
    D Offline
    DotNetWWW
    wrote on last edited by
    #1

    hi all , How is it possible to Install SSL for Sql Server in Workgroup environment? Thanks in advance .

    M 1 Reply Last reply
    0
    • D DotNetWWW

      hi all , How is it possible to Install SSL for Sql Server in Workgroup environment? Thanks in advance .

      M Offline
      M Offline
      Mike Dimmick
      wrote on last edited by
      #2

      If you look up SSL in the index in SQL Server Books Online, one of the results is the topic "How to: Enable Encrypted Connections to the Database Engine (SQL Server Configuration Manager)" (online here[^]). If you don't want to use a public certificate (i.e. one that you have to pay a trusted root authority to produce for you), you can set up your own stand-alone root authority to generate certificates. See here[^] for how to install certificate services. In order for the server to use the certificate you generate, and for the client to trust that certificate, the root certificate (just the certificate, not the private key associated with it - you do not distribute this) needs to be installed as a trusted root on both server and client. You can then generate a Server Authentication certificate by going to the CA's certsrv website, clicking Request a certificate, advanced certificate request, create and submit a request to this CA. Fill in the identifying information, change Type of Certicate Needed to Server Authentication Certificate, check the Mark Private Keys As Exportable box (if you're doing this on a computer other than the target server), check Store certificate in the local computer certificate store if you're doing this on the SQL Server computer itself, [UPDATE: this is wrong, the certificate needs to go into the Personal store for the account that SQL Server is running under - use the Local Computer store only if using LocalSystem, which isn't recommended] and enter the fully-qualified domain name of the SQL Server computer in the Friendly Name field. Then click Submit. Stand-alone CAs do not automatically approve requests. In the Certification Authority console, go to Pending Requests, right-click the request and select Issue. You can now go back to the website (don't hit Refresh, this generates another request) and click View Status. Click the request, then click Install This Certificate. Now you can go through SQL Server Configuration Manager as described in the article and select the certificate you just generated. You should be careful to keep your Certification Authority computer isolat

      D 1 Reply Last reply
      0
      • M Mike Dimmick

        If you look up SSL in the index in SQL Server Books Online, one of the results is the topic "How to: Enable Encrypted Connections to the Database Engine (SQL Server Configuration Manager)" (online here[^]). If you don't want to use a public certificate (i.e. one that you have to pay a trusted root authority to produce for you), you can set up your own stand-alone root authority to generate certificates. See here[^] for how to install certificate services. In order for the server to use the certificate you generate, and for the client to trust that certificate, the root certificate (just the certificate, not the private key associated with it - you do not distribute this) needs to be installed as a trusted root on both server and client. You can then generate a Server Authentication certificate by going to the CA's certsrv website, clicking Request a certificate, advanced certificate request, create and submit a request to this CA. Fill in the identifying information, change Type of Certicate Needed to Server Authentication Certificate, check the Mark Private Keys As Exportable box (if you're doing this on a computer other than the target server), check Store certificate in the local computer certificate store if you're doing this on the SQL Server computer itself, [UPDATE: this is wrong, the certificate needs to go into the Personal store for the account that SQL Server is running under - use the Local Computer store only if using LocalSystem, which isn't recommended] and enter the fully-qualified domain name of the SQL Server computer in the Friendly Name field. Then click Submit. Stand-alone CAs do not automatically approve requests. In the Certification Authority console, go to Pending Requests, right-click the request and select Issue. You can now go back to the website (don't hit Refresh, this generates another request) and click View Status. Click the request, then click Install This Certificate. Now you can go through SQL Server Configuration Manager as described in the article and select the certificate you just generated. You should be careful to keep your Certification Authority computer isolat

        D Offline
        D Offline
        DotNetWWW
        wrote on last edited by
        #3

        Thanks , If I generate the Certificate , Is it possible to deploy it with my .Net app setup project and Import it during setup and set SQL Server certificate to this?How? Thanks again ,

        1 Reply Last reply
        0
        Reply
        • Reply as topic
        Log in to reply
        • Oldest to Newest
        • Newest to Oldest
        • Most Votes

        • Login
        • Don't have an account? Register
        • Login or register to search.
        • First post
          Last post
        0
        • Categories
        • Recent
        • Tags
        • Popular
        • World
        • Users
        • Groups