Ask Learn
Preview
Ask Learn is an AI assistant that can answer questions, clarify concepts, and define terms using trusted Microsoft documentation.
Please sign in to use Ask Learn.
Sign inThis browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
SQL Server 2005 offers the capability of channel encryption through the use of SSL (as did SQL Server 2000). The instructions for doing so are well documented in the BOL but I'll briefly descirbe what's entailed here.
It's important to note that the highest level of security is achieved when the client explicitly requests that channel encryption be used. This is because the client will attempt to validate the identity of the server using the SSL certificate in this situation and this helps mitigate man-in-the-middle attacks.
I should also mention that it is possible to get SSL encryption without provisioning a certificate because of the new self-signed certificate feature. I've posted a detailed explanation in the DataWorks blog so take a look if you're interested (https://blogs.msdn.com/dataaccess/archive/2005/08/05/448401.aspx). However, for security reasons, it is always preferable to use a properly provisioned certificate.
Il-Sung Lee
Program Manager, SQL Server Protocols
Disclaimer: This posting is provided "AS IS" with no warranties, and confers no rights
Ask Learn is an AI assistant that can answer questions, clarify concepts, and define terms using trusted Microsoft documentation.
Please sign in to use Ask Learn.
Sign in