September 8, 2017 at 11:47 pm
Hi all,
In BO, it is emphasized that using a self-signed cert promotes MITM attacks and that we should use CA/internal CA signed certs.
MITM attacks can happen only if the client trusts the self-signed cert, thinking it is the correct/authorized party. If the client verifies the certificate, MITM can be avoided (hence the use of CA-signed certs).
This is the behaviour that I have observed when using server-side Force Encryption vs. client-side forced encryption
(all with a SQL Server self-generated/self-signed cert).
Client-side encryption (SQL Server side did not turn on Force Encryption)
1) On the client side (SQL Management Studio), set "Encrypt Connection" on; the client prompted an error when connecting to SQL Server because SQL Server is using a self-signed cert and the client is NOT able to verify the self-signed cert.
-- Here, I concluded that the client will verify the cert given by the server.
Server-side encryption (Force Encryption) - using SQL Configuration Manager
2) This time, I set server-side encryption using SQL Configuration Manager and set it to Force Encryption.
Using SQL Management Studio as a client (I did not set the "Encrypt Connection" option), I connected to the SQL server. The connection went through, despite the server using a self-signed cert.
-- Here, the client did not verify the cert given.
Why the discrepancy between the 2 scenarios above?
Client requested encryption - the client will verify the certificate given by the server.
Server requested encryption - the client doesn't care about certificate authenticity? In that case, why recommend using a CA cert, since the client does not verify the certificate with server-side encryption?
Am I missing something?
Hope the gurus here can shed some light on this for me ;(
Regards,
Noob
September 9, 2017 at 10:16 pm
I hope the silence in this thread despite the views is not an indication that I am understanding this SSL encryption wrongly.
I have turned on Force Encryption on the server side using a self-signed cert, and the client (Mgmt Studio) seems to have "auto-trusted" that cert (despite not turning on any setting like "Encrypt connection / Trust Certificate" in Mgmt Studio), and the connection went through, successfully encrypted.
I cannot understand why forcing server-side encryption on (indirectly) disables the client-side ability to authenticate the certificate?
September 11, 2017 at 8:54 am
Did you install the cert you created on the client? If so, you've enabled trust.
However, I do see your concern. The client should always go through the trust hierarchy to ensure the certificate is valid and report that. Force should not prevent that.
September 17, 2017 at 10:35 am
Hi Steve,
Thanks for replying to this thread. It has been confirmed that with server-side Force Encryption, it is not mandatory to install the cert on the client, and the client will not verify the generated self-signed cert (or any CA cert) from the server's end unless configured to do so.
Regards,
Noob
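The three client configurations discussed in this thread can be checked directly against a server rather than inferred from Management Studio's dialogs. The script below is an added example, not something posted in the thread; it assumes a placeholder server name, Windows authentication, the legacy System.Data.SqlClient provider (whose default is Encrypt=False), and a login with VIEW SERVER STATE so sys.dm_exec_connections can report the session's encrypt_option. Against a server with Force Encryption and a self-signed certificate, the first and third cases are expected to connect with encrypt_option=TRUE, while the second fails with a certificate-chain trust error, which is the behaviour the thread describes.

```powershell
# Added example: probe what a client connection string actually gets from the server.
# Assumptions: placeholder server name, Windows auth, System.Data.SqlClient, VIEW SERVER STATE.
param([string]$Server = "sqlhost.example.internal")   # placeholder, replace with your instance

$base = "Server=$Server;Integrated Security=True;Connection Timeout=10"
$cases = [ordered]@{
    "client does not request encryption" = "$base;Encrypt=False"
    "client requests, validates cert"    = "$base;Encrypt=True;TrustServerCertificate=False"
    "client requests, skips validation"  = "$base;Encrypt=True;TrustServerCertificate=True"
}

foreach ($name in $cases.Keys) {
    $conn = New-Object System.Data.SqlClient.SqlConnection($cases[$name])
    try {
        $conn.Open()
        $cmd = $conn.CreateCommand()
        # Ask the server whether *this* session's traffic is encrypted on the wire.
        $cmd.CommandText = "SELECT encrypt_option FROM sys.dm_exec_connections WHERE session_id = @@SPID"
        $enc = $cmd.ExecuteScalar()
        "{0,-38} connected; server reports encrypt_option={1}" -f $name, $enc
    } catch {
        # With a self-signed cert, only the validating case should land here.
        "{0,-38} FAILED: {1}" -f $name, $_.Exception.Message
    } finally {
        $conn.Dispose()
    }
}
```

Only the second case tells you whether the certificate chains to something the client trusts; an encrypt_option of TRUE in the first case confirms the thread's point that encryption was negotiated without any validation.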
September 17, 2017 at 5:29 pm
When you require encrypted connections, you don't have to install anything on the client. However, take a look at your network traffic when it isn't turned on. Everything is plain and visible, readable with no trouble at all. Then take a look at the traffic when it is turned on - much better.
Whether or not you use the self-signed cert or an internal one you have to install on the client, the return traffic is encrypted.
BTW, I saw a presentation on this at a SQL Saturday. I used RawCap to capture and Wireshark to read the packets captured, like the speaker recommended.