??? ???? ??? ??? ????? ?????????? ????? ?? SQL Server 2000 ?? ??? SSL ??????????? ????? ???? ?? ??? ???? ????

???? ?????? ???? ??????
???? ID: 276553 - ?? ???????? ?? ?????? ??? ?? ?? ???? ???? ???? ??.
??? ?? ??????? ???? | ??? ?? ??????? ????

?? ????? ??

??????

?? ??? ?? ??? ???? ????? ????? ?? ???? ??????? ?????? ??? ?? ????? ?????????? ????? ?? ??? Microsoft SQL Server 2000 ?? ??? ???????? ????? ???? (SSL) ??????????? ?? ????? ???? ?? ??? ?????? ????? ?? ???? ???? ???? ??? ??? ?? ???? ?????????? ?? ?????-???? ???????? ?? ?????? ???? ?? ???? ??, ?? ???????? ?????? ?????? ??? ?? ????????? ?? ???? ????? ?????? SQL Server 2000 ???? ???????????? ????????? ?? ??? ??????? ???????????? ?????? ???? ?? SSL ??????????? ?? ????? ???? ??? ??? ???-????????? SuperSocket, Ssnetlib.dll ?? Dbnetlib.dll ?? ????? ?? ?? SQL Server ??????????? ????? ?? ???? ???

??? ?? ???? SQL Server ??????? ?? SSL ??????????? ?? ?????, ????? ?? ???? ??? ??? ???????????? ?????? ?? ??????? SQL ????? ?? ??????: ??????????? ????? ??? ?? ???????? ?? ???-??? ??? ???? ???? ?? ??? ?????? ???? ???? ???? ???? ?????? ???? ?????, ????? ?? Microsoft ???? ?? ?????????? ?? ????? ???? ?? SSL ??????????? ?? ??? SQL Server ??????? ??:
  1. ??????? ??? ???????? ??? ?? ?????? ???? ??????? ?????
  2. ????????? ??? ??????? ???????? ??????? ?? ??????? ?????
  3. ????? ????????????? ??????????? ?? ????? ??????????? ??????? ?? ????? ???? ??????? ?????????? ?? ?????? ???????
???? ??????? ?? ???, Microsoft ?????? ??? ??? ???? ????? ?? ??? ????? ???? ?????? ????? ????::
319349BUG: ??? ??? ?????? ???? ??, ?? ???????????? ?? "?? ????????? ???????????" ?????? ???? ????
??????? ???????? ?? ???? ????? ?? ??? ????? ?? ?????????? ???? ?? ??? ???? ?????? ???? ?? ??? ????? ????? ?? ??????? ????? ???? ?? ???? ?? ??? ??????????? ?????? ???? ??? ????? ?? ?? ??? ??????? SQL Server ???? ??? ????? ?? ??????????? ????? ????? ??? ??? ??????? ?? ??? ??????????? ????? ??? ?? ??????? ???????? ?? ??????????? ????? ??, ???? SQL ????? ???? ???????????? ??????? ???? ?? ??? ?? ??????? ?? ??? ???? ??????? ?? ?????? ?????

??? ??, ?? ?? ????? ?? ?? ????????? ??????????? ????? ??, ??? encrypts ????? ?? ????? ???????, ?? ?????? ???? ??????? ?? ?? ?? ??? ?????????? ?? ??????? ???? ?? ??? ??? ??? ?? ??????? ?? ?? ?? ??? ?????????? ?? ??????? ???? ?????, ?? ???? ????? ???? ????? ??????? ??????? ?????? ?? ??????? ???????? ?????? ????????? ?? ????? ???? ?? ??? ??????? ?? ???????????? ?? ??????? ?? ?????? ???

SQL ????? ??????? ???? ???? ??? ?????? ???? ?????? ?? ?? ??? ???? ???? MSSQLServer ???? ??????? ???? ?? ??? ????? ???? ??? ?? ?? ??? ?????? ???? ???? ??? ???? ??? ?????, Microsoft ??????? ???? ?? ?? ?????? ?????????? ?? ?? ??? ?? ??? ?? MSSQLServer ???? ??????? ???? ?? ??? ????? ???? ??? ?? ?? ?????????? ???? ?? ????? ???? ??? ????

If Microsoft Internet Information Services (IIS) is installed on the computer that is running SQL Server, you can also use the IIS Service Manager Wizard on theDirectory Security??? ?? ????? ????.. The certificate must be a server certificate that was issued to the fully qualified domain name (FQDN) of the server. You cannot use the IP address for the certificate name. A client computer must request the connection to the server by the FQDN or NetBIOS name of the server. You cannot connect to the server by using the IP address of the computer that is running SQL Server.

If the computer has multiple certificates installed in the user store or in the machine store, you may have to specify which certificate should be used for SQL Server.

Create a Certificate value of type REG_BINARY in the following registry key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSSQLServer\MSSQLServer\SuperSocketNetLib
Click on the Certificate value, and then type the thumbprint property value of the certificate in the data column.

As an example, the registry should appear similar to the following when you export it:
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSSQLServer\MSSQLServer\SuperSocketNetLib] "Certificate"=hex:2e,67,3e,84,4a,4f,e0,7f,08,42,6a,7a,35,9b,01,94,76,67,0b
If this registry key is set to 0 on the computer, the computer ignores the certificates on the computer. The computer that is running SQL Server will start but not read the certificate on the computer. If you want to use encryption and the computer only has one certificate, you do not need this registry key.

The only way to verify that you have successfully made an encrypted connection is to capture the traffic between two computers by using Microsoft Network Monitor or a Network Sniffer tool.For more information about how to setup Microsoft Network Monitor, click the following article number to view the article in the Microsoft Knowledge Base:
243270How to install Network Monitor in Windows 2000

Request and install a certificate by using a certificate server

  1. Make a HTTP connection to the certificate server while you are logged on by using the same account that you used to start the MSSQLServer service. For example, you can make the following connection:

    ???:
    Microsoft recommends that you start the MSSQLServer service by using a domain user account or a local user account that has minimal privileges and not the local system account.
  2. ??? ??????? ?????????? ?????? ?????? ????-????? ????, ?? ???? ???next.
  3. ?????Choose Request Type:page, click to selectAdvanced request?? ????-????? ????, ?? ???? ???next.
  4. ??? ????Submit a certificate request to this CA using a form?? ????-????? ????, ?? ???? ???next.
  5. Enter the fully qualified domain name of your computer in the???????? ???? Ping your computer to get the fully qualified domain name if you are not sure what it is.
  6. ?????Intended Purposesection, change the selection toServer Authentication Certificateby using the drop-down list box from the Client Authentication Certificate. For an Enterprise Certificate Authority you would choose a template instead.
  7. ????? ????Store certificateoption in the local computer certificate store.
  8. Leave all other items as the default. ????? ????,????? ????.
  9. The last page presents you with aCertificate to Installhyperlink. ????? ????,?? ?????????? ??????? ????.
To verify that your certificate installation is correct, use either the MMC Certificate snap-in to verify the certificates or use the CertUtil.exe tool that is installed on the certificate server to list the certificates. To load the MMC Certificate snap-in, follow these steps:
  1. To open the MMC console, clickStart,?? ????-????? ????, ?? ???? ????????.
  2. ??????????????? ????? ???, ??????MMC?? ????-????? ????, ?? ???? ???OK.
  3. ????? ????????????? ??,?????/??????? ?????-??.
  4. ????? ????,add?? ????-????? ????, ?? ???? ????????? ????.
  5. ????? ????,add.

    You are prompted to open the snap-in for the current user account, for the service account, or for the computer account.
  6. ????? ????,???????? ????.
  7. ????? ????,Local computer?? ????-????? ????, ?? ???? ?????????
  8. ????? ????,??? ????.
  9. ????? ????,OK.

    Your installed certificates are located in the Certificates folder in the????????????????? ?? ????
Double-click the certificate, and then make sure that all the following are true:
  • A private key corresponds to this certificate.
  • The certificate Subject Name is equal to the FQDN of the computer.
  • The intended purpose of the certificate is for server authentication.
  • The certificate path has a valid chain to the root authority.

Enable SSL encryption on the SQL Server

After the certificate is installed on the server, you can enable SSL encryption by following these steps:
  1. Use the SQL Server Network Utility and click to select theForce protocol encryption??? ?????.
  2. Stop, and then restart the MSSQLServer service for the Default Instance or Named Instance.
  3. Use the SQL Server error log to verify that SQL Server did not report any errors when it started.

Enable SSL encryption for a specific client

??? ?? ????? ?? globally SSL ??????????? ????? ???? ?? ??? ???? ?????, ?? ?? ??????? ??????? ?? SSL ??????????? ????? ?? ????? SSL ????? ???? ????? ?? ??????? ?? ???, ????? ?? ??????????? ?? ????? ?? ?? ?????? ??? ?? ?? ????? ??????? ?? ???? ?? SSL ??????????? ????? ??, ??????? ???????? ????? ?????? ???? ?? ??????? ???? ?????? ?????? ???? ?? ????? ?? ???? ?? ????? ???? ?????? ??????? ???????? ???? ?????????? ?? ???????? ???? ??, ????? ?? ????? ?????? ???? ????????? ??? ?????????? ?????????? ?? ??? ??? ???? ?????? ????? ??????? ?? ???? ?? SSL ??????????? ????? ???? ?? ???, ????? ????? ?? ???? ????:
  1. ????????? ???? ?? ?? ????? ???? ?? ??? ????????????? ??????????? ?? ????? ????????? ??????? ?????? ??? ???????
  2. ??????? ???????? ?? ??? ??????? ??????? ?? ?? ??????? ?? ????? ?? ??? ???????? ?? ??? ????? ???????????? ???? ?? ?????? ?? ??? ??????? ?????? ?? ???? ??????? Sniffer ????? ?? ????? ?? ??????
  3. SQL Server ??? ??? ???????? ?? ???????? ?? ????? ?? ?? Internet Explorer ????? ?? ????-????? ?????
  4. ????-????? ???????.
  5. ????? ?????????????? ?? ????? ????..
  6. ????? ????,?????? ????.
  7. ????? ????,????????? ??? ?????????? ??????????.
  8. ?? ??? ???? ?? ??? ????? ?????????????? ??????????.
  9. ????? ????,????????? ????-????? ????, ?? ???? ???next.
  10. ???????????? ????? ??????????? ????? ???, ????? ??????????????????? ????? ???????? ???? - PKCS # 7 ?????????? (. P7B).
  11. ?? ??? ???? ?? ??? ????? ??????? ???? ?? ?????????? ?? ??? ??? ?????? ???? ???????? ?????.
  12. ????????? ?????????? ?? ??? ??? ????? ??? ?? ??? ????? ????????? ???? ?? ???? ?? ????? ?? somewhere ?? ??????? ???????? ??? ???? ???? ?? ??? ??? ??? ?????? ?? ???? ????
  13. ????? ????,next?? ????-????? ????, ?? ???? ?????????.
  14. ??????? ???????? ?? ???? ??????? ???????? ?? ??? ????, ????-????? ????????? ????? ????,????????? ????-????? ????, ?? ???? ????????? ????.
  15. ????? ????????????? ??? ?????????? ????????????? ?? ????? ????..
  16. ????? ????,???? ????????? ????,next????? ????,????????? ????-????? ????, ?? ???? ??????? ?? ??? ?? ?????? ?? ?????? ?????: PKCS # 7 Certificates(*.p7b).
  17. ?? ???? ??????? ?? SQL ????? ?????? ???? ?? ??? ????, ?? ???? ??? ????? ?????????. ????? ????,next.
  18. ?? ??? ???? ?? ??? ????? ????????: ?????????? ?? ?????? ?? ?????? ?????????? ?????? ?? ??? ??????? ?????.
  19. ????? ????,???????? ?? ??? ????? ?????????? ??? ???????
  20. ????? ????,next?? ????-????? ????, ?? ???? ?????????.
  21. ??? ?? ??? ??? ????? ????? ????? ??:
    ???? ???? ??? ???.
  22. ???????? ???? ?? ?????? ???? ????????? ??? ?? ??????? ????? ?????? ???? ???????, ?? ???????? ?????????? ????? ???? ?????.
  23. ????? ????,????????????? ???? ?? ?????? ???? ??? ??? ????????? ???? ??????? ??? ?? ?? ???? ?? ????
  24. ????? ?????????????? ?????, ?? ???? ??? ??? ?? ???? ?? ??? ??? ?? ?? ????? ?? ??? ?????????? ?????? ?? ???? ????OK.
  25. ??????? ??????? ?????? ?????, ?? ?? ?? ??? ???? ?? ??? ????? ????????????? ??????????? ?? ????? ??????? ?????.

??? ??????? ?? ??????????? ?? ??????? ????

??? ??????? ?? ??????????? ?? ??????? ?? ??? ????? ??????? ??? ?? ???? ?? ?? ?????:
  • ?????? ???????? ????? ?? ????? ?????
  • ?? ????? ??? ODBC ????????? ???? ?? ??????? ???????? ??? ???? ????

?????? ????????

SQL ?????? ???????? ????? ?? ???? ???? ?? ??? ????? ????? ?? ???? ????:
  1. SQL ????? ??????? ??????? ?????? ?? ????? ?????
  2. ?? ??? ???? ?? ??? ????? ????????????? ??????????? ?? ????? ??????? ?????.
  3. ?????? ???????? ?? ????? ???? SQL Server 2000 ??? ??? ?? ?? ????? ?? ?????? ?????
  4. ????? ?? Microsoft ??????? ?? ????? ???? ??????? ?????? ?? ???? ??????? Sniffer.

ODBC ?????????

??? ODBC ????????? ?? ??? ??????? ???? ?? ??? ????? ????? ?? ???? ????:
  1. ODBC ?? OLEDB ??????? ???????? ?? ??????? ????:

    ODBC
    Driver=SQLServer;Server=ServerNameHere;UID=UserIdHere;PWD=PasswordHere;Network=DBNETLIB.DLL;Encrypt=YES
    						
    OLEDB
    Provider=SQLOLEDB.1;Integrated Security=SSPI;Persist Security Info=False;Initial Catalog=dbNameHere;Data Source=ServerNameHere;Use Encryption for Data=True
  2. SQL Server 2000 ??? ??? ???????? ?? ?????? ?? ?? ????? ?? Microsoft ??????? ?????? ?? ???? ??????? Sniffer ?? ????? ???? ??????? ?????

??????

???? ??????? ?? ???, Microsoft ?????? ??? ??? ???? ????? ?? ??? ????? ???? ?????? ????? ????::
316898Microsoft ??????? ????? ?? ????? ?? ?? SQL ????? ??????? ?? ??? SSL ??????????? ????? ???? ?? ??? ???? ????

???

???? ID: 276553 - ????? ???????: 17 ??????? 2011 - ??????: 3.0
???? ???? ???? ??:
  • Microsoft SQL Server 2000 Standard Edition
  • Microsoft SQL Server 2000 64-bit Edition
??????: 
kbhowtomaster kbmt KB276553 KbMthi
???? ?????? ????????
??????????: ?? ???? ?? ???? ??????? ?? ????? ?? Microsoft ????-?????? ?????????? ?????? ?????? ???? ??? ??. Microsoft ???? ??? ????-???????? ?? ????-???????? ????? ?????? ?? ???? ???????? ???? ?? ???? ????? ????? ??? ?? ??? ?????? ?? ???? ???? ???? ??? ????? ??. ???????, ????-???????? ???? ????? ???? ???? ???? ???. ?????, ????????, ?????-???? ?? ??????? ?? ???????? ?? ???? ???, ???? ?? ??? ?????? ???? ???? ??? ????? ??? ?? ???? ??. Microsoft ??????? ??? ???? ?? ?????? ?? ??????????, ????????? ?? ??? ?????? ?? ???? ????? ?? ???? ???????? ?? ??? ???? ????? ?? ??? ????????? ???? ??. Microsoft ????-?????? ?????????? ?? ????? ?????? ?? ?? ??? ??.
?????????? ?? ??????? ????????? ??????? ??:276553

??????????? ???

 

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com