August 8, 2007 at 3:51 am
Hi,
i've enabled the certification authentication login i use SQL 2K5 ENT
my problem is like that: in the client network utility i check the Force protocol encryption and connect
to the server the client can't connect because he doesn't have the certificate install on his machine which it's OK.
the problem is when i remove the Force protocol encryption on the client he connect successfully without the
certificate install on his machine or any thing.
i double check that on the server i've YES on the Force Encryption in the protocols For MSSQLSERVER.
why is that???
THX
August 8, 2007 at 5:11 am
August 8, 2007 at 5:47 am
do i have to? Beacuse i did not.
Isn't it enough to enable the server side to Enforce Certificate to Yes?
if i have to associate my login to the certificate how i do that?
Thx
August 8, 2007 at 7:07 am
mm.. actually you don't need to.
you can check out this link on the ms website
http://support.microsoft.com/kb/276553/ but its for sql 2000 ( it should be useful for 2005 as well)
and this http://support.microsoft.com/default.aspx?scid=kb;en-us;318605
August 8, 2007 at 8:36 am
those links doesn't solve my problem.
when my certificate server enabled and i enable the client to connect my server only with encryption the client can't connect because it say that he need certificate but if i remove the client encryption connection the client successfully connect.Does the client receive form the server another certificate that i don't know or something like that?
August 8, 2007 at 10:34 am
OR
did you do this?
August 8, 2007 at 10:45 am
i don't want to update the client with the certificate because if i do that i will not be able to see if the encryption is really happens.
i tell you what i have.
the server is under the certificate and encryption and it's set to Force encryption.
now on the client side i try those connections
1.I've enabled the Force encryption on the client side and try to connect the server without install the server certificate on the client, i didn't succeed which it's good because the client doesn't have the certificate and he shouldn't connect without it.
2. i remove the client side Force encryption and try to connect to the server without the Force encryption and the connection succeed which it should not succeed because the client must have first the certificate install and second enabled force encryption.
my question is how come the client did connect to my server when the Force encryption is off and the certificate isn't installed...???
August 8, 2007 at 12:22 pm
my question is how come the client did connect to my server when the Force encryption is off and the certificate isn't installed...???
you cannot set the FORCE ENCRYPTION on both the server and the client. that is why its failing.
how are you testing if the encryption is working because you need to use a network sniffer or MS Network monitor to check your network traffic?
August 8, 2007 at 12:30 pm
i don't check my connection with network sniffer or MS Network monitor i gust connect from the client with the option on the client force protocol encryption on or off. if it's on the when i get the login and try to access the server it say SSL error which it's fine because i didn't install the certificate. but if i remove the force protocol encryption from the client and in the login i try to access it's access successfully. my question is how and why?
Viewing 9 posts - 1 through 8 (of 8 total)
You must be logged in to reply to this topic. Login to reply