|
|
You can use the Secure Sockets Layer (SSL) protocol to secure the communication link between clients (direct callers) and Microsoft® SQL Server™ 2000. When you configure SQL Server for SSL, all of the data transmitted between client and server (and vice versa) may be encrypted to ensure that the data remains confidential while in transit between the client and SQL Server.
SSL is an alternative to using IPSec to secure database traffic.
For more information about how to use IPSec to secure database traffic, see “How To: Use IPSec to Provide Secure Communication Between Two Servers” in the Reference section of this book.
Unlike IPSec, configuration changes are not required if the client or server IP addresses change.
For SSL to work, you must install a server certificate on the database server computer. The client computer must also have a root certificate authority (CA) certificate from the same authority.
Clients must have the SQL Server 2000 connectivity libraries installed. Earlier versions or generic libraries will not work.
SSL only works for TCP/IP (the recommended communication protocol for SQL Server) and named pipes.
You can configure the server to force the use of encryption for all connections.
On the client, you can:
Force the use of encryption for all outgoing connections.
Allow client applications to choose whether or not to use encryption on a per-connection basis, by using the connection string.
|
|