April 1, 2008 at 12:57 pm
Hello,
We have a web application in ASP. The ASP application uses an MSDE 2000 database that resides on the web server and it connects to another SQL 2000 standard database to retrieve data. We want to use the 'Force encryption' option in the client network utility on the web server to encrypt the SQL connection between these two databases.
We followed the MS article http://support.microsoft.com/kb/316898 to do this. However, I am unable to make a successfull connection using our web application. I even tried to make a connection using SQL Query Analyzer from the web server to the SQL 2000 standard database where the actual information is stored.
I get the following error.
Unable to connect to server
[Microsoft][ODBC SQL Server Driver][DNETLIB]SSL Security error.
The SSL cert from the SQL 2000 starndard database server was exported and imported into the Trusted authority using the MMC snap-in as mentioned in the MS article.
Any ideas on why I am getting the error?
Note: Port 1433 is opened on the firewall since the SQL 2000 standard database sits behind a firewall.
Thanks in advance.
April 1, 2008 at 1:48 pm
Did you import the certificate into the computer account (not the logged on user)?
What happens if you try to force encryption from say, QA?
K. Brian Kelley
@kbriankelley
April 1, 2008 at 2:14 pm
Yes, that is correct. I imported into the 'Computer Account' using MMC. I can also see this imported certificate along with a bunch of others in the 'Trusted Root Certification Authorities' folder in the MMC.
How do I force encryption using SQL Query Analyzer? I don't see an option to do that. Currently, encryption is forced using the Client network utility.
Thanks for looking into this.
April 1, 2008 at 2:46 pm
Same idea. On your computer, run cliconfg.exe. This is the client network utility. You can force it on there.
K. Brian Kelley
@kbriankelley
April 1, 2008 at 3:16 pm
Yep, that's exactly what I did.
I have been looking at this specific error and got a bit more further. I have been trying to connect to the SQL 2000 standard server from the web server using the IP address of the SQL 2000 server. I found a MS article http://support.microsoft.com/kb/316779 saying that this is not possible and it is an MS issue. However, the resolution was to setup an Alias using Client network utility. I did just that and I get the error below. It is slightly different and not sure what this could be due to.
Server: Msg 18, Level 16, State 1
[Microsoft][ODBC SQL Server Driver]]TCP/IP Sockets]SSL Security errror
Any ideas???
Thanks.
April 1, 2008 at 9:01 pm
The name being used to connect must match the name of the certificate. One thing that may work better is to make an entry in the hosts file that matches the common name being used.
K. Brian Kelley
@kbriankelley
Viewing 6 posts - 1 through 5 (of 5 total)
You must be logged in to reply to this topic. Login to reply