• I am developing a windows forms application and the client has requested that the client application pass encrypted data to the SQL Server database.  I know that this could be accomplished with webservices and run through SSL but I am looking for information on what is the format ADO.net transmits through TCIP connections and is there any way to set up something like SSL within SQL Server.  Leaving out IIS. 

    Sorry if my question is not clear but I have never had a client be concerned with the connection between a client and SQL Server before.  I guess I am wondering if there is anything they should be worried about.

  • This is a good book:



  • Are you sending encrypted data or looking to encrypt the data stream? SSL will encrypt the stream, but the data will be text in the server. If you encrypt on the client, then you don't need to owrry about the stream.

  • What Steve says is true, but ... if the client only wants encryption on the wire, then having the data in plain text on the server will allow for useful indexing.  The SSL-style over-the-wire encryption with SQL Server is easy to set up, by the way, and we couldn't really notice any performance problems.  The bigger problem was getting everybody's MDAC up to date so that the clients would work with the encryption.


    This is the 75th post in a planned series of, well ... more than 75.

  • Do you need to install IIS on the SQL Server book to set up SSL.  Any more information you have or articles describing the set would be appreciated.  On only need to encrypt the wire but everything I see in articles deals with ASP.NET and SSL

  • No (at least I don't think so), but it might be the easiest way, since IIS is right there on the box waiting to be installed and it has that nifty Certificates wizard.  What we did was to install IIS, install the server certificates, and then uninstall IIS right afterwards.


Viewing 6 posts - 1 through 5 (of 5 total)

You must be logged in to reply to this topic. Login to reply