Wednesday, 15 September 2010

.net - SQL Server encryption using self-signed SSL certificate. Querying from ASP.NET 3.5


I have created a self-signed certificate to test encryption between my web application and SQL Server.

When trying to query the database using "encrypt=yes;" in the connection string, I get the following message:

A connection was successfully established with the server, but then an error occurred during the pre-login handshake. (provider: SSL Provider, error: 0 - The certificate chain was issued by an authority that is not trusted.)

Background
I received the same message when first attempting an encrypted connection from Management Studio. This was resolved by installing the self-signed certificate in the Trusted Root Certification Authorities store.

Question
Is there a way that I can get ASP.NET to trust the certificate in the same way my user account does?

The correct answer for this is to add a self-signed certificate to the certificate store.

Wrong way
Installing the certificate by double-clicking the .cer file on the server. This adds the certificate for the currently logged-in user only, which is why in some cases cloning works.

Right way
Use CertMgr.exe to install certificates.
- You can find CertMgr.exe in the Windows SDK, or apparently in the Visual Studio 2005 bin folder; it is not in VS2008.
- The account you run CertMgr.exe under matters: a domain account with local administrator privileges will not work. Remember to run it on the server.

To add the certificate to the local machine trusted store, run CertMgr.exe:
- certmgr /add Your.Certificate.Filename.cer /s /r localMachine root
- certmgr /add Your.Certificate.Filename.cer /s /r localMachine Trusted

Also note that you cannot use wildcards when referencing the certificate file name. (/add *.cer will fail.)
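
To confirm which store the certificate actually landed in (the difference between the wrong way and the right way above), the following PowerShell script looks the certificate up by thumbprint in both root stores. It is an added example, not part of the original post; the default file path and the function name Test-CertInStore are placeholders chosen for illustration.

```powershell
# Added example: report which Root stores on this machine contain a certificate.
# Run it on the server that makes the SQL connection.
param(
    # Placeholder path: point it at the exported self-signed .cer file.
    [string]$CerPath = 'C:\certs\Your.Certificate.Filename.cer'
)

function Test-CertInStore {
    param(
        [System.Security.Cryptography.X509Certificates.X509Certificate2]$Cert,
        [System.Security.Cryptography.X509Certificates.StoreName]$Name,
        [System.Security.Cryptography.X509Certificates.StoreLocation]$Location
    )
    $store = New-Object System.Security.Cryptography.X509Certificates.X509Store($Name, $Location)
    try {
        $store.Open([System.Security.Cryptography.X509Certificates.OpenFlags]::ReadOnly)
        # validOnly = $false: find the certificate even if its chain does not validate yet.
        $hits = $store.Certificates.Find(
            [System.Security.Cryptography.X509Certificates.X509FindType]::FindByThumbprint,
            $Cert.Thumbprint, $false)
        return ($hits.Count -gt 0)
    } finally {
        $store.Close()
    }
}

$cert      = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($CerPath)
$inMachine = Test-CertInStore $cert Root LocalMachine
$inUser    = Test-CertInStore $cert Root CurrentUser

"Subject     : $($cert.Subject)"
"Thumbprint  : $($cert.Thumbprint)"
"Self-signed : $($cert.Subject -eq $cert.Issuer)"

# The CurrentUser view of Root also lists machine-wide roots,
# so LocalMachine has to be tested first.
if ($inMachine) {
    'LocalMachine\Root: present. Every account on this machine sees it as a trusted root.'
} elseif ($inUser) {
    'CurrentUser\Root only: trusted for the account running this script, not for other accounts.'
} else {
    'Not found in either Root store.'
}
```

A result of "CurrentUser\Root only" corresponds to the double-click install described under "Wrong way".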

