Saturday 30 December 2017

SSL (Secure Sockets Layer) Encryption

Encrypt the communication channel between the Application Server and the Database Server


  • First, encrypt all databases on the database server in question.
  • Encrypting the connection between SQL Server and SharePoint requires SSL (Secure Sockets Layer).
  • Get the certificate from the application team, which they have created and configured on the application server.
  • The certificate provided by the application team should look like the one in the screenshot below.

  • Copy this certificate to the destination database server.
  • Now open the Microsoft Management Console (MMC) by clicking Start -> Run, entering mmc and pressing Enter.
  • Add the Certificates snap-in by clicking File -> Add/Remove Snap-in… and double-clicking the Certificates item. (Note: select Computer account and Local computer on the two pages of the wizard that appears.)
  • Expand Certificates (Local Computer) -> Personal -> Certificates and find the SSL certificate you imported.
  • Right-click the imported certificate (the one you selected in SQL Server Configuration Manager) and click All Tasks -> Manage Private Keys.
  • Click the Add… button under the Group or user names list box.
  • Enter the SQL service account name and click OK.
  • Next, set the 'Force Encryption' option to Yes in SQL Configuration Manager -> SQL Server Network Configuration -> Protocols for Servername -> Right click.

  • Now click the Certificate tab and select the certificate from the drop-down box, as shown in the screenshot below:

  • Close and save the MMC and restart the SQL service.


NOTE:

To cross-check that the selected SSL certificate is actually encrypting the traffic to and from the database, open the ERRORLOG file and look for an entry like the one in the screenshot below:


To verify the code, go back to the MMC with the Certificates snap-in loaded and your SSL certificate visible. Double-click the certificate and click the Details tab. Scroll to the bottom of the list and select the Thumbprint field. The value that appears should match the one shown in the SQL ERRORLOG file.
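The thumbprint comparison described in the note above can be scripted. The PowerShell below is an added example, not part of the original post: the function names are hypothetical, the log lines and thumbprint are constructed, and the ERRORLOG message wording it matches is an assumption about what SQL Server writes at startup.

```powershell
# Added example, not from the original post; all sample values are constructed.
function ConvertTo-NormalizedThumbprint {
    param([string]$Value)
    # Text copied from the MMC Details tab can carry spaces and an invisible
    # left-to-right mark (U+200E); keep only the hex digits, upper-cased.
    ($Value -replace '[^0-9A-Fa-f]', '').ToUpperInvariant()
}

function Test-SqlCertificateLoaded {
    param(
        [string[]]$LogLines,      # lines read from the SQL Server ERRORLOG
        [string]$MmcThumbprint    # Thumbprint value from the certificate's Details tab
    )
    $expected = ConvertTo-NormalizedThumbprint $MmcThumbprint
    $loaded = $null
    $selfGenerated = $false
    foreach ($line in $LogLines) {
        # Assumed wording: The certificate [Cert Hash(sha1) "<hash>"] was successfully loaded for encryption.
        if ($line -match 'Cert Hash\(sha1\)\s*"([0-9A-Fa-f]+)"') {
            $loaded = $Matches[1].ToUpperInvariant()   # keep the most recent entry
            $selfGenerated = $false
        }
        elseif ($line -match 'self-generated certificate was successfully loaded') {
            # Logged when SQL Server uses its own self-generated certificate
            # rather than a provisioned one.
            $loaded = $null
            $selfGenerated = $true
        }
    }
    [pscustomobject]@{
        ExpectedThumbprint = $expected
        LoadedThumbprint   = $loaded
        SelfGenerated      = $selfGenerated
        Match              = ($expected.Length -eq 40 -and $loaded -eq $expected)
    }
}

# Constructed sample input (not a real log or certificate hash).
$sampleLog = @(
    '2017-12-30 10:15:01.95 Server      SQL Server is starting at normal priority base (=7).',
    '2017-12-30 10:15:02.10 Server      The certificate [Cert Hash(sha1) "0123456789ABCDEF0123456789ABCDEF01234567"] was successfully loaded for encryption.'
)
$fromMmc = "$([char]0x200E)01 23 45 67 89 ab cd ef 01 23 45 67 89 ab cd ef 01 23 45 67"

Test-SqlCertificateLoaded -LogLines $sampleLog -MmcThumbprint $fromMmc

# On the database server, read the live log instead (both values are placeholders):
# Test-SqlCertificateLoaded -LogLines (Get-Content '<path to ERRORLOG>') -MmcThumbprint '<thumbprint from MMC>'
```

A result with Match = False and SelfGenerated = True means the instance is not presenting the certificate you selected in SQL Server Configuration Manager.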

