Click here to monitor SSC
SQLServerCentral is supported by Redgate
 
Log in  ::  Register  ::  Not logged in
 
 
 


Encrypt connection to SQL Server 2005


Encrypt connection to SQL Server 2005

Author
Message
river1
river1
SSC Eights!
SSC Eights! (952 reputation)SSC Eights! (952 reputation)SSC Eights! (952 reputation)SSC Eights! (952 reputation)SSC Eights! (952 reputation)SSC Eights! (952 reputation)SSC Eights! (952 reputation)SSC Eights! (952 reputation)

Group: General Forum Members
Points: 952 Visits: 1357
Hi,

I need to encrypt the connection that my VB 6.0 app uses to connect to SQL Server 2005.

My app connects to SQL using SQL Server authentication.

Is there a problem with this?

Thank you
Lowell
Lowell
SSChampion
SSChampion (14K reputation)SSChampion (14K reputation)SSChampion (14K reputation)SSChampion (14K reputation)SSChampion (14K reputation)SSChampion (14K reputation)SSChampion (14K reputation)SSChampion (14K reputation)

Group: General Forum Members
Points: 14958 Visits: 38972
as i understand it, you should do this in two places;

you can make your server require encryption from everything connecting,a dnt he native client will handle it automatically:
SQL Server Configuration Manager and click properties for "SQL Native Client Configuration", if correct, you should be able to see two flags, one is "force client encryption", which you want to toggle to yes.


seperate from that, when you build an application with a connection string, one of the parameters is Encrypt=yes;

Driver={SQL Native Client};Server=myServerAddress;Database=myDataBase;Trusted_Connection=yes;Encrypt=yes;




Lowell

--
help us help you! If you post a question, make sure you include a CREATE TABLE... statement and INSERT INTO... statement into that table to give the volunteers here representative data. with your description of the problem, we can provide a tested, verifiable solution to your question! asking the question the right way gets you a tested answer the fastest way possible!

river1
river1
SSC Eights!
SSC Eights! (952 reputation)SSC Eights! (952 reputation)SSC Eights! (952 reputation)SSC Eights! (952 reputation)SSC Eights! (952 reputation)SSC Eights! (952 reputation)SSC Eights! (952 reputation)SSC Eights! (952 reputation)

Group: General Forum Members
Points: 952 Visits: 1357
But there is no problem with encrypting a connection because it uses SQL Server authentication instead of windowns authentication, correct?


Or i can only encrypt connection if they use windows authentication to connect to the server?



Thank you.
Lowell
Lowell
SSChampion
SSChampion (14K reputation)SSChampion (14K reputation)SSChampion (14K reputation)SSChampion (14K reputation)SSChampion (14K reputation)SSChampion (14K reputation)SSChampion (14K reputation)SSChampion (14K reputation)

Group: General Forum Members
Points: 14958 Visits: 38972
river1 (2/6/2010)
But there is no problem with encrypting a connection because it uses SQL Server authentication instead of windowns authentication, correct?
Or i can only encrypt connection if they use windows authentication to connect to the server?
Thank you.


the encryption is for all the packets transferred to and from SQL Server, regardless of any authentication protocols or any other settings; so it's fast and cheap to just make the server require encryption.

you cannot be selective and make only one authentication type require encryption; about hte only option might be that you could make an application always use encryption even if the server did not require encryption by default, by adding to the connection string.

Lowell

--
help us help you! If you post a question, make sure you include a CREATE TABLE... statement and INSERT INTO... statement into that table to give the volunteers here representative data. with your description of the problem, we can provide a tested, verifiable solution to your question! asking the question the right way gets you a tested answer the fastest way possible!

SQLRNNR
SQLRNNR
SSC-Insane
SSC-Insane (21K reputation)SSC-Insane (21K reputation)SSC-Insane (21K reputation)SSC-Insane (21K reputation)SSC-Insane (21K reputation)SSC-Insane (21K reputation)SSC-Insane (21K reputation)SSC-Insane (21K reputation)

Group: General Forum Members
Points: 21075 Visits: 18259
No problem with encrypting communications to the server.

Another method is to establish an ssl certificate on both the client and the server.



Jason AKA CirqueDeSQLeil
I have given a name to my pain...
MCM SQL Server, MVP


SQL RNNR

Posting Performance Based Questions - Gail Shaw

river1
river1
SSC Eights!
SSC Eights! (952 reputation)SSC Eights! (952 reputation)SSC Eights! (952 reputation)SSC Eights! (952 reputation)SSC Eights! (952 reputation)SSC Eights! (952 reputation)SSC Eights! (952 reputation)SSC Eights! (952 reputation)

Group: General Forum Members
Points: 952 Visits: 1357
Hi,

I i'm very confused...
Are there any differences between Encrypting a connection to SQL Server and using SSL?

I thought the two where the same.

Can anyone explain to me the differences betweeen the two? can you give me a good link this?

Thank you very much
Lowell
Lowell
SSChampion
SSChampion (14K reputation)SSChampion (14K reputation)SSChampion (14K reputation)SSChampion (14K reputation)SSChampion (14K reputation)SSChampion (14K reputation)SSChampion (14K reputation)SSChampion (14K reputation)

Group: General Forum Members
Points: 14958 Visits: 38972
SSL is an https connection for a web page, using port 443 by default. in theory, i can go to your web page via https, but your web server goes to a different server for SQL data via the default of port 1443. so the data between your Web server and your SQL server is not encrypted. , but when the data is passed back to me via https SSL on the web connection, it is encrypted.

The same thing for when you connect directly to the SQL Server via SSMS or your application or whatever...the traffic passed back and forth is not encrypted.
That is the SQL specific info we were giving you, so you can easily force the traffic to and from the SQL server to be encrypted.

Lowell

--
help us help you! If you post a question, make sure you include a CREATE TABLE... statement and INSERT INTO... statement into that table to give the volunteers here representative data. with your description of the problem, we can provide a tested, verifiable solution to your question! asking the question the right way gets you a tested answer the fastest way possible!

Eduard
Eduard
SSC-Enthusiastic
SSC-Enthusiastic (115 reputation)SSC-Enthusiastic (115 reputation)SSC-Enthusiastic (115 reputation)SSC-Enthusiastic (115 reputation)SSC-Enthusiastic (115 reputation)SSC-Enthusiastic (115 reputation)SSC-Enthusiastic (115 reputation)SSC-Enthusiastic (115 reputation)

Group: General Forum Members
Points: 115 Visits: 217
ssl is added as an layer and is independent of sql server or https. it's just used as a component. just like if you add ssl to ftp you get sftp. or telnet -> stelnet etc.

How to enable SSL encryption for an instance of SQL Server by using Microsoft Management Console
http://support.microsoft.com/kb/316898
river1
river1
SSC Eights!
SSC Eights! (952 reputation)SSC Eights! (952 reputation)SSC Eights! (952 reputation)SSC Eights! (952 reputation)SSC Eights! (952 reputation)SSC Eights! (952 reputation)SSC Eights! (952 reputation)SSC Eights! (952 reputation)

Group: General Forum Members
Points: 952 Visits: 1357
But in my case, my apps are intranet apps made in Visual Basic. This are windows aplications they do not use the browser.

In this case, what i want is that because my VB aplication connects to SQL Server via SQL Server authentication, and because SQL Server authentication goes in plaintext by default, anyone with a sniffer or with profiler can see the passwords of the users that are hard coded inside my VB aplication.

what i want is that this informations can not be seen by sniffers of by profiler so i think i want to encrypt it.


What type of procedure would you advice?


Thank you.
Lowell
Lowell
SSChampion
SSChampion (14K reputation)SSChampion (14K reputation)SSChampion (14K reputation)SSChampion (14K reputation)SSChampion (14K reputation)SSChampion (14K reputation)SSChampion (14K reputation)SSChampion (14K reputation)

Group: General Forum Members
Points: 14958 Visits: 38972
yeah, encryption can be confusing; I didn't know SSL was an added layer; so I learned something today; (as usual here on SSC) Thanks Eduard!

river by changing that flag i mentioned before, "Force Protocol Encryption" to yes, you will achieve what you were after; traffic going to and from your SQL server will be encrypted. so your application will be more secure.

you can grab a scanner and see if you are not sure, or of course there's lots more information on MS or via google if you need deeper details to document how much more secure it will be. I know it's one thing to "say" it's more secure, and another to be able to show the chain of command.

Lowell

--
help us help you! If you post a question, make sure you include a CREATE TABLE... statement and INSERT INTO... statement into that table to give the volunteers here representative data. with your description of the problem, we can provide a tested, verifiable solution to your question! asking the question the right way gets you a tested answer the fastest way possible!

Go


Permissions

You can't post new topics.
You can't post topic replies.
You can't post new polls.
You can't post replies to polls.
You can't edit your own topics.
You can't delete your own topics.
You can't edit other topics.
You can't delete other topics.
You can't edit your own posts.
You can't edit other posts.
You can't delete your own posts.
You can't delete other posts.
You can't post events.
You can't edit your own events.
You can't edit other events.
You can't delete your own events.
You can't delete other events.
You can't send private messages.
You can't send emails.
You can read topics.
You can't vote in polls.
You can't upload attachments.
You can download attachments.
You can't post HTML code.
You can't edit HTML code.
You can't post IFCode.
You can't post JavaScript.
You can post emoticons.
You can't post or upload images.

Select a forum

































































































































































SQLServerCentral


Search