安全第一,在sql server和client之间配置ssl连接
MS SQL Server的密码明文传输是 安全 上的一个缺陷。具体的我就不描述了,有兴趣可以参考一下这个文章: 深入探索sql2000网络 连接 安全 问题 所以我只能说说我是怎么实现sql server 2000的ssl的。因为资料很多,我只说一个大概步骤。并且我把我用过的资料、
MS SQL Server的密码明文传输是安全上的一个缺陷。具体的我就不描述了,有兴趣可以参考一下这个文章:深入探索sql2000网络连接安全问题
所以我只能说说我是怎么实现sql server 2000的ssl的。因为资料很多,我只说一个大概步骤。并且我把我用过的资料、我遇到的问题都在后面列举出来了。需要的可以自己参考
关于启用 sql server 2000 ssl 连接的操作
在默认情况下,Sql Server2000对于客户端的连接是明文的,有可能被网络中的其他恶意攻击者使用嗅探软件所监听。所以在需要高度安全性的场合,可以考虑在客户端和服务器端使用ssl连接以提高安全性。
配置sql2000使用ssl ,必须在网络中存在Certificate Server 。配置步骤:
1. 在“添加删除程序”-添加组建—选择“证书服务”
2. 按照证书服务的提示,选择安装企业根ca或者独立根ca 。我选择的是独立根ca
3. 完成安装后,确认管理工具里面,出现“证书颁发机构”的插件
下面是为sql server 请求一个证书的操作:
1. 如果前面选择的是独立根ca的话,打开ie浏览器。在地址栏输入:http://servername/certsrv ,向你的证书服务器提交一个证书申请。
2. 在申请页面,选择请求证书—高级请求—使用表格提交请求,下一步
3. 在证书内容里面,要填写证书的名称。这里要注意名称必须选择服务器的fqdn名称,否则有可能会出现错误。申请的证书选择“服务器验证证书(Server Authentication Certificate)”,并且选择“使用本地计算机存储”,提交请求
4. 在ca中许可这个申请,然后在ie中选择察看提交的申请选项,并且安装证书
下面可以确认证书安装是否正确:
1. 在ie—属性—内容—证书选项,查看是否存在刚才颁发的证书,并且作用为“服务器身份验证”
2. 打开mmc控制台,添加“证书”插件(包括计算机帐号)。确认刚才颁发的证书存在。
Sql服务器上的操作:
1. 在sql的“服务器实用工具(SQL Server Network Utility)”里,选择“强制使用协议加密”
2. 重新启动MSSQLServer service 。确认能正常启动
3. 在“客户端实用工具” ,选择“强制使用协议加密”
测试:
可以使用Query Analyzer和ODBC application进行连接,然后使用网络监视软件进行抓包,确认是否启用了ssl 。
常见错误:
1. 在安装证书服务的时候,将证书服务的名称设置成和主机名一样的名称。这样会导致sql server在初始化时失败,这个问题可以看kb:http://support.microsoft.com/default.aspx?scid=kb;en-us;302409&Product=sql2k
2. 在申请证书的时候,证书的名称没有使用fqdn完全限定域名。这是引起sql server “SSL Security error :ConnectionOpen (SECDoClientHandshake()”错误的原因之一。Kb309398阐述了这个问题:http://support.microsoft.com/default.aspx?scid=kb;en-us;309398&Product=sql2k
3. 关于可以参考的安装配置文章:HOW TO: Enable SSL Encryption for SQL Server 2000 with Certificate Server 可以参看kb:http://support.microsoft.com/default.aspx?scid=kb;en-us;276553&Product=sql2k#2(有ppt可下载)
http://support.microsoft.com/default.aspx?scid=kb;en-us;324777&Product=sql2k
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
AI Hentai Generator
Generate AI Hentai for free.
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
1378
52
What is the difference between HQL and SQL in Hibernate framework?
Apr 17, 2024 pm 02:57 PM
HQL and SQL are compared in the Hibernate framework: HQL (1. Object-oriented syntax, 2. Database-independent queries, 3. Type safety), while SQL directly operates the database (1. Database-independent standards, 2. Complex executable queries and data manipulation).
The working principle and configuration method of GDM in Linux system
Mar 01, 2024 pm 06:36 PM
Title: The working principle and configuration method of GDM in Linux systems In Linux operating systems, GDM (GNOMEDisplayManager) is a common display manager used to control graphical user interface (GUI) login and user session management. This article will introduce the working principle and configuration method of GDM, as well as provide specific code examples. 1. Working principle of GDM GDM is the display manager in the GNOME desktop environment. It is responsible for starting the X server and providing the login interface. The user enters
Usage of division operation in Oracle SQL
Mar 10, 2024 pm 03:06 PM
"Usage of Division Operation in OracleSQL" In OracleSQL, division operation is one of the common mathematical operations. During data query and processing, division operations can help us calculate the ratio between fields or derive the logical relationship between specific values. This article will introduce the usage of division operation in OracleSQL and provide specific code examples. 1. Two ways of division operations in OracleSQL In OracleSQL, division operations can be performed in two different ways.
Comparison and differences of SQL syntax between Oracle and DB2
Mar 11, 2024 pm 12:09 PM
Oracle and DB2 are two commonly used relational database management systems, each of which has its own unique SQL syntax and characteristics. This article will compare and differ between the SQL syntax of Oracle and DB2, and provide specific code examples. Database connection In Oracle, use the following statement to connect to the database: CONNECTusername/password@database. In DB2, the statement to connect to the database is as follows: CONNECTTOdataba
Detailed explanation of the Set tag function in MyBatis dynamic SQL tags
Feb 26, 2024 pm 07:48 PM
Interpretation of MyBatis dynamic SQL tags: Detailed explanation of Set tag usage MyBatis is an excellent persistence layer framework. It provides a wealth of dynamic SQL tags and can flexibly construct database operation statements. Among them, the Set tag is used to generate the SET clause in the UPDATE statement, which is very commonly used in update operations. This article will explain in detail the usage of the Set tag in MyBatis and demonstrate its functionality through specific code examples. What is Set tag Set tag is used in MyBati
Understand Linux Bashrc: functions, configuration and usage
Mar 20, 2024 pm 03:30 PM
Understanding Linux Bashrc: Function, Configuration and Usage In Linux systems, Bashrc (BourneAgainShellruncommands) is a very important configuration file, which contains various commands and settings that are automatically run when the system starts. The Bashrc file is usually located in the user's home directory and is a hidden file. Its function is to customize the Bashshell environment for the user. 1. Bashrc function setting environment
How to install, uninstall, and reset Windows server backup
Mar 06, 2024 am 10:37 AM
WindowsServerBackup is a function that comes with the WindowsServer operating system, designed to help users protect important data and system configurations, and provide complete backup and recovery solutions for small, medium and enterprise-level enterprises. Only users running Server2022 and higher can use this feature. In this article, we will explain how to install, uninstall or reset WindowsServerBackup. How to Reset Windows Server Backup If you are experiencing problems with your server backup, the backup is taking too long, or you are unable to access stored files, then you may consider resetting your Windows Server backup settings. To reset Windows
How to solve the 5120 error in SQL
Mar 06, 2024 pm 04:33 PM
Solution: 1. Check whether the logged-in user has sufficient permissions to access or operate the database, and ensure that the user has the correct permissions; 2. Check whether the account of the SQL Server service has permission to access the specified file or folder, and ensure that the account Have sufficient permissions to read and write the file or folder; 3. Check whether the specified database file has been opened or locked by other processes, try to close or release the file, and rerun the query; 4. Try as administrator Run Management Studio as etc.
