Certificates in SQL Server Network Configuration

  • Hi,

    I have a quick question that needs a quick answer 🙂

    Is it recommended to add SQL Server Certificates under SQL Server Network Configuration in SQL Server 2019 Enterprise Edition?

    And also, are there any advantages/disadvantages of installing these Certificates in the 2019 HA Cluster?

    Thank you

     

  • I was told by System Admins that not having Certificate installed on SQL Server adds vulnerability to the Server. I cannot find a proof to this statement.

    Instead, I believe that adding these Certificates can degrade the database performance.

    Any hint, please

     

  • As far as I know the certificates are required if you want to encrypt the client-server communication so that passwords and data aren't sent in plaintext across the wire

  • certificates are for encryption to and from SQL servers. Assigning certificate to server does not force encryption. it's up to the client to ask for encryption.

    If you are using Force encryption setting without certificate, the clients has no choice but to trust server self-signed cert.

    if you have assigned cert + force encryption, clients can use certificate to to do the encryption and can choose not to trust the sql server without certificate.

    • This reply was modified 2 years, 7 months ago by  ayesone.

Viewing 4 posts - 1 through 3 (of 3 total)

You must be logged in to reply to this topic. Login to reply