Encription check
-
Hi ,
How can i check the SSL Encryption Check from Sql server QA.
from
Killer
-
This was removed by the editor as SPAM
-
Raj,
I assume you want to see the encrypted data. You can simply run select query with “display result in text” turned on and you will be able to see encrypted data. If you run it in grid mode, you will see NULL values.
Thanks
Eric
-
Hi Eric ,
How can i see the SSL Encryption data.
from
Raj
-
Hi Raj.
Your question doesn't make much sense to me. Could you try rephrasing it? SSL is typically used to provide end-to-end encryption for data - working effectively as a layer encrypting your data and decrypting your data in what could be a transparent fashion. You don't "store" such data - the data is stored unencrypted in your database. If you want to encrypt it, there are plenty of articles and discussions on this site about various ways to do it.
Cheers,
Ian
-
Hi,
SQL Server can be configured to encrypt all data transmitted between a client computer and a SQL Server instance. If the server is properly configured, all connections will be encrypted using the SSL protocol and client connections not able to enable the SSL protocol will fail. In order to enable SSL encryption on the server, a valid certificate from a public certification authority is required. It is recomended to use SSL when login has to be mixed since when using SQL authenticantion'
credentials are sent in clear text
I wanted to know how to enable it or if it is enabled then how can i check that it is enabled.
hope this is very clear.
from
Killer
-
Very clear
Not entirely sure - I think you can specify it on the connection string used when connecting to SQL. But once you have a connection, I haven't seen a way to see what protocol is in use... I'm at a health conference for the next couple of days but will check it out one night and get back to you.
-
Hi Ian,
To make it more clear Here is a pic
SSL and IPSec
To defend the privacy and integrity of data transmitted across a network, you should use either IPSec encrypted communication channels or SSL connections to the database. Figure 5 shows the mapping of OSI layers to the TCP/IP stack.
IPSec is a network-level encryption and authentication protocol designed to protect network traffic from address spoofing, eavesdropping, and session hijacking. Since it operates near the bottom of the OSI stack, it is invisible to SQL Server. No SQL Server-level configuration is required to use IPSec, but an understanding of public and private keys will be helpful in planning your deployment
IPSec is a network-level encryption and authentication protocol designed to protect network traffic from address spoofing, eavesdropping, and session hijacking. Since it operates near the bottom of the OSI stack, it is invisible to SQL Server. No SQL Server-level configuration is required to use IPSec, but an understanding of public and private keys will be helpful in planning deployment.
SSL works at the boundary between the Session and Transport layers of the OSI model, allowing clients and servers to negotiate shared session keys. It provides encryption but not authentication. SSL communication is only possible between Application layers that have been specifically designed to use this protocol. Client applications running on top of the MDAC stack (version 2.6 or above) do not need to be SSL-aware, as this functionality is supplied by MDAC.
A best practice is to force connections that are capable of using SSL to do so. This is especially important when using Mixed-Mode Authentication. To force encryption on SSL-aware applications that connect to your server, apply an SSL certificate to the server and select the Force Protocol Encryption option on enabled protocols in the Server Network Utility.
-
Hi ,
How to enable SSL encryption for SQL Server 2000 with Certificate Server.
Pls see this link.
http://support.microsoft.com/default.aspx?scid=kb;en-us;276553
from
Killer
-
Hi ,
To check about SSL from SQL Server
EXECUTE master.dbo.xp_regread N'HKEY_LOCAL_MACHINE',N'SOFTWARE\Microsoft\MSSQLServer\MSSQLServer\SuperSocketNetLib', N'Encrypt'
if the return data value is 1 then it is already configured\installed.
HTH
from
Killer
Viewing 10 posts - 1 through 9 (of 9 total)
You must be logged in to reply to this topic. Login to reply