by Dan Sullivan
Databases are repositories for a wide variety of enterprise information. Much of that information is confidential and in some cases subject to regulations governing how securely it should be stored and transmitted. SQL Server is Microsoft’s relational database, and like many other enterprise applications from that vendor, it supports the use of SSL certificates to improve the security of communications between the database server and client devices. Again, we assume you have purchased or generated an SSL certificate for use with your SQL Server database.
The installation process starts with the SQL Server Configuration Manager, which is available in the SQL Server 2008 group under the Start menu. After the SQL Server Configuration Manager starts, click the SQL Server Network Configuration option in the left panel.
Figure 4.6: Select SQL Server Network Configuration from the SQL Server Configuration Manager.
Click on the Protocols for SQLExpress in the main panel. This will open a protocols dialog box (see Figure 4.7).
Figure 4.7: The Network Protocols dialog box allows you to select SSL certificates to use with this database.
In the Protocols dialog box, click the Certificates tab. Near the top is a drop-down box listing certificates stored in the Certificate Store. The list in Figure 4.7 corresponds to the certificates in the Certificate Store shown in Figure 4.8.
Figure 4.8: Certificates listed in the Certificate Store are available in the Protocols dialog box in SQL Server.
Select the certificate you want to install on this database server.
Figure 4.9: When a certificate is selected, the dialog box will display basic information such as issuer and expiration date.
After the certificate is selected, click the Flags tab to continue with the configuration. The Flags tab includes options for forcing encryption. Choose this option to ensure that communications between the database server and clients is encrypted. This is especially important if you will have clients accessing the server via the Internet. By setting the Force Encryption option, you will require an encrypted communications channel.
Figure 4.10: The Protocols dialog box allows you to specify that encryption is required for client/server communications.
After selecting the appropriate options on the Flags tab, click Apply. If you receive a message, click OK and restart the database service.
SSL certificates are useful for improving the security of many enterprise applications. Microsoft Exchange, Microsoft SharePoint Server, and Microsoft SQL Server can all take advantage of the benefits of SSL certificates. Fortunately for Windows systems administrators, there is a good amount of overlap between these applications when it comes to installing SSL certificates. Of course, each application has specific requirements as well. These tend to focus on options, such as whether to enforce encryption on all communications between clients and servers, or on configuring application-specific features, such as in the case of Microsoft Exchange.
About the Author
Dan Sullivan has more than 20 years of IT experience that includes engagements in application design, systems architecture, and enterprise security. His experience includes a broad range of industries, including financial services, manufacturing, government, retail, gas and oil production, power generation, life sciences, and education. Dan has written and presented extensively about systems architecture, infrastructure management, and aligning business and IT strategies. His articles have appeared in Intelligent Enterprise, Business Security Advisor, DM Review, and E-Business Advisor. He has written several books including The Shortcut Guide to Prioritizing Security Spending,The Definitive Guide to Security Management; The Definitive Guide to Information Theft Prevention; The Definitive Guide to Service Oriented Systems Management; The Definitive Guide to Controlling Malware, Spyware, Phishing, and Spam; The Tips and Tricks Guide to Secure Content Appliances; and The Shortcut Guide to Protecting Business Internet Usage.