Http://www.edong.org/main/content/view/259/42/ Writing: Administrator 2004-05-18 MS SQL Server Password Transfer is a safe defect. I don't describe it, I am interested to refer to this article: I have explored SQL2000 network connection security issues so I can only talk about how I implements SQL Server 2000 SSL. Because I have a lot of information, I only say a probable step. And I use the information I have, I am listed later. What you need can refer to the operation of the SQL Server 2000 SSL connection is default, the SQL Server2000 is plaintened by the client's connection, which may be listened by other malicious attackers in the network. Therefore, in the case of high security, it is possible to consider using SSL connections to improve security in the client and server side. Configuring SQL2000 Use SSL and must have Certificate Server in the network. Configuration steps: 1. In "Add Remove Programs" - Add Group - Select "Certificate Services" 2. Follow the certificate service, select Install Enterprise Root CA or Separate CA. I chose the independent root CA3. After the installation, confirm the management tool, the "Certificate Authority" plug-in is the operation of requesting a certificate for SQL Server: 1. If the previous choice is the independent root CA, open IE Browser. Enter: http:// Servername / CERTSRV, submit a certificate application to your certificate server. 2. In the application page, select the Request Certificate - Advanced Request - Use the Form Submit Request, Next 3. In the certificate content, you should fill in the name of the certificate. Here you should pay attention to the name that the server must select the server's FQDN name, otherwise it may have an error. Application Certificate Select "Server Authentication Certificate", and select "Use Local Computer Storage", submit request 4. License this application in CA, then select the submitted application option, and install the certificate below Can confirm that the certificate is installed correctly: 1. In the IE-Property-Content-Certificate option, see if there is a certificate that has just been issued, and acts as "server authentication" 2. Opens the MMC console, add a "certificate" plugin (including computer) account number). Confirm the existence of the certificate you just issued. Action on the SQL server: 1. In the SQL "SQL Server Network Utility", select "Force Protocol Encryption" 2. Restart the MSSQLServer Service. Confirm that it can start normally 3. On the Client Utility, select "Force Using Protocol Encryption" test: You can use Query Analyzer and ODBC Application, then use the Network Monitoring Software to capture, confirm whether SSL is enabled. Common error: 1. When installing the certificate service, set the name of the certificate service to the same name as the host name. This will cause SQL Server failure when initialization, this problem can be seen in KB: http://support.microsoft.com/default.aspx? Scid = kb; EN-US; 302409 & product = SQL2K2. When the application is applied, the name of the certificate does not use the FQDN to fully qualify the domain name. This is one of the causes of SQL Server "SSL Security Error: ConnectionOpen ()".
