Determine impact of expired SSL certificate in SQL Server Network Config

  • Hello experts,

    I am working with a client to find a brief outage window to restart SQL services so that a new SSL certificate can take effect before its expiration date tomorrow.

    In the Flags tab, Force Encryption is set to No. That setting is not something I decided so I'm not changing it. I just have to make the new cert take effect in SQL.

    Could anyone tell me what the impact is when that SSL expiration date passes? Will any connections to SQL Server fail, or will they succeed because Force Encryption is not set to Yes?

    Obviously I want to update the cert before its expiration. But if effectively nothing will happen, can I wait until the client finds a time that they will approve for the outage?

    Sorry for my ignorance. There are just so many certificates possible in Windows, and although I believe the ones where Force Encryption is Yes are the most critical to keep current, I just don't know the impact in this case.

    Also, it is frustrating that if I get a new cert with too little lead time (a business issue, not SQL), I find myself scrambling to get a downtime that day and I don't know if I really need to be rushing in cases like this.

    Thanks for any help.

    -- webrunner

    • This topic was modified 2 years, 9 months ago by  webrunner.

    -------------------
    A SQL query walks into a bar and sees two tables. He walks up to them and asks, "Can I join you?"
    Ref.: http://tkyte.blogspot.com/2009/02/sql-joke.html

  • Thanks for posting your issue and hopefully someone will answer soon.

    This is an automated bump to increase visibility of your question.

  • Depends on the configuration of the app.

    In ssms you have options to not to encrypt or to trust the servers certificate (even if it is invalid)

Viewing 3 posts - 1 through 2 (of 2 total)

You must be logged in to reply to this topic. Login to reply