A recent project requires us to have SQL server on a public ip address, so our application can do some work across the internet.
How necessary is it to apply SSL to all SQL connections/commands? And what is the best way to go about it?
I added Force Encryption = Yes, in the protocol properties box on my SQL server instance. But if I click the certificates tab, it does not list any certificates at all. I tried installing my certificate to every place I could think of in the certificate store, and could not get it to show up (Personal, under SQL Server, Local Machine, System, etc.).
How do I set my certificate?
Other info:
- Using SQL server 2005, standard edition
- Client app will connect with the sa user to a domain (www.exampleurl.com)
- We're running Windows Server 2008 and should have all updates and service packs
- I tried both a self-signed certificate and a true certificate that is out of date. (is this my issue?)
- We do not want to purchase a valid certificate if at all possible.
