Answer 5
Hi Tom,
Thank you so much for taking time to answer me.
the problem has already gone by means of makecert.since my sql server is running on win xp which is not a part of a domain ,
I had to change my primary DNS to Local but the problem with SSL Diagnostics is, it does not include FQDN(fully qualified domain name) in the name of the certificate.
following code helped me to make a valid certificate to test SSL on my xp
makecert -r -pe -n "CN=Mycomputername.Local"
-b 01/01/2000 -e 01/01/2036 -eku 1.3.6.1.5.5.7.3.1
-ss my -sr localMachine -sky exchange
-sp "Microsoft RSA SChannel Cryptographic Provider"
-sy 12 c:\test.cer
now the question is, although i have
installed the certificate successfully
and have set force encryption to yes under the flags'
tab of protocols'
window as well as sql native client
configuration
properties but SQL Server accepts both encrypt connection and non-encrypt connection,why?(i have checked the encrypt connection
of the connection properties of connect to server window).
also when i run profiler i can capture both T-SQL statements which is run against encrypted and non-encrypted connection
and i expected the profiler should not be able to get the encrypted connection's T-SQL statement,am I right or something is wrong with my configurations?
by the way the following is what i got after running
Microsoft SQL Server 2005 - 9.00.3042.00 (Intel X86)
Feb 9 2007 22:47:07
Copyright (c) 1988-2005 Microsoft Corporation
Developer Edition on Windows NT 5.1 (Build 2600:
service Pack 3)
i have to add (sp2) at the end of 2005 ;)
--yousef