December 9, 2014 at 5:00 am
Good Morning Folks,
I am a bit confused by certificates and SSL in SQL Server.
Are they one and the same thing?
For example one can create a certificate in sql server using CREATE CERTIFICATE ... WITH ENCRYPTION/FILE=
Is that the same as installing an SSL certificate?
To me it looks like not! But also not sure how the two co-exist?
Any help, as always is appreciated.
Cheers
Alex
December 9, 2014 at 5:19 am
alex.sqldba (12/9/2014)
Good Morning Folks,I am a bit confused by certificates and SSL in SQL Server.
Are they one and the same thing?
For example one can create a certificate in sql server using CREATE CERTIFICATE ... WITH ENCRYPTION/FILE=
Is that the same as installing an SSL certificate?
To me it looks like not! But also not sure how the two co-exist?
Any help, as always is appreciated.
Cheers
Alex
They are separate things altogether. SSL is a secure transport layer, data is encrypted and secured over the communication channel.
This is done using various different security mediums, the most common being a certificate, whether it is from a trusted source or self signed. Certsd are used for encrypting various traffic such as SQL Server, exchange outlook web access, secure websites.
A certificate uses a public and private key for the encryption handshake, more can be found here
-----------------------------------------------------------------------------------------------------------
"Ya can't make an omelette without breaking just a few eggs" 😉
December 9, 2014 at 6:39 am
Excellent. Cheers Perry, that's what I wanted to know.
So, if I enable SSL (with a self signed cert) on ServerA, that cert also needs to be installed on any client or server that wants to conenct and work with serverA?
What happens if that Cert is not available - connection refused?
Alex
December 9, 2014 at 7:04 am
Also, is it possible to force only a specific connecting host or hosts to use a certificate, where as everything else doesn't so like a whitelist or a blacklist?
cheers
Alex
December 9, 2014 at 9:04 am
the certificate is applied and the encryption is enabled in sql server configuration manager instance wide. The certificate is stored in the machines local store.
If you want to use policy based encryption you'll need to look at IPSec
-----------------------------------------------------------------------------------------------------------
"Ya can't make an omelette without breaking just a few eggs" 😉
December 12, 2014 at 4:07 am
Thanks guys, we're all sorted here now!
December 12, 2014 at 5:59 am
what did you do in the end?
-----------------------------------------------------------------------------------------------------------
"Ya can't make an omelette without breaking just a few eggs" 😉
Viewing 7 posts - 1 through 6 (of 6 total)
You must be logged in to reply to this topic. Login to reply