Configuring an SSL connection for the Microsoft SQL Server 2005 JDBC driver 1.2

book

Article ID: 179866

calendar_today

Updated On:

Products

Security Information Manager

Issue/Introduction

 

Resolution

Configuring an SSL connection for the Microsoft SQL Server 2005 JDBC driver 1.2

If you use Microsoft SQL Server 2005 database with the Microsoft SQL Server 2005 JDBC driver 1.2, you can configure an SSL connection.

Note:
Microsoft SQL Server 2005 JDBC driver 1.1 or earlier does not support SSL.

In order to configure an SSL connection, you must complete the following procedures:

See Installing collectors that use a database sensor.

To configure SSL for the SQL Server

  1. Start SQL Server Configuration Manager.

  2. Expand SQL Server Network Configuration, right-click the protocols for the server that you want, and then click Properties.

  3. On the Certificate tab, select the certificate that you want to use to protect your connection.

    Self-signed certificates are supported but not recommended because they do not provide adequate security.

  4. On the Flags tab, view or specify the protocol encryption option.

    The logon packet is always encrypted.

  5. Set the ForceEncryption option to Yes.

    ForceEncryption encrypts all client/server communication and clients that cannot support encryption are denied access.

  6. Restart the SQL Server.

To configure the sensor properties for an encrypted protocol

  1. In the Information Manager console, in the left pane, click System.

  2. Select the Product Configurations tab, and then expand the tree until you see the collector name.

  3. In the left pane, select the appropriate configuration.

  4. In the right pane, on the sensor tab, under the list of sensors, click the sensor.

  5. In the Database URL field, add the following property string at the end of the URL:

    ;encrypt=true

    For example,

    jdbc:sqlserver://192.168.19.40:1433;DatabaseName=database_name;
    
    encrypt=true
  6. If you are using a self-signed certificate, add the following property string at the end of the URL:

    ;trustServerCertificate=true

    For example,

    jdbc:sqlserver://192.168.19.40:1433;DatabaseName=database_name;
    
    encrypt=true;trustServerCertificate=true
  7. Click Save.

  8. In the left pane, right-click the appropriate configuration, and then click Distribute.

  9. When you are prompted to distribute the configuration, click Yes.

  10. In the Configuration Viewer window, click Close.