Set up SQL Server to use Secure Sockets Layer (SSL) security - Perceptive Content Database Install Guide - Foundation 24.1 - Foundation 24.1 - Ready - Perceptive Content - external

Perceptive Content Database Install Guide

Platform
Perceptive Content
Product
Perceptive Content Database Install Guide
Release
Foundation 24.1
License

SSL security uses cryptography and symmetric encryption to provide communication security at the transport layer for data sent over a network for application-specific protocols such as HTML and SMTP. To set up SQL Server to use Secure Sockets Layer (SSL) security, complete the following steps.

Import a certificate from a third party Certificate Authority, bind the certificate to a port number, and configure the certificate.

  1. Click Start, and then click Run.
  2. In the Run dialog box, type cmd and then click OK.
    1. In the Command Prompt window, run mmc.exe.
    2. To add the certificates snap-in for the local machine, click File > Add/Remove snap-in > Certificates.
    3. Select Computer account, and then click Finish, and OK.
  3. In the tree view, navigate to Certificates > Personal, and right-click Certificates.
    1. Select All Tasks > Import.
    2. In the Certificate Import Wizard dialog box, browse to the PFX file, and click Next.
    3. To import the key, enter the password, select the options you want, and click Next.
      Note: To secure your PFX file somewhere other than on the production machines where it is used, do not select Mark this key as exportable.
    4. When prompted, specify where the certificates are stored, and select Personal.
    5. Click Finish.
  4. Navigate to the file location of the imported certificate. In the Actions pane, under the certificate name, click More actions, click All tasks, and click Manage private keys.
  5. Add the instance name that the SQL Server instance is running as, and then give the user full control.
  6. Open ODBC Datasource Administrator and complete the following substeps.
    1. On the DSN tab, select Datasource, and click Configure.
    2. On the Security tab, change the encryption method from none to SSL.
    3. To verify the connection, click Test Connection.
  7. Close ODBC Datasource Administrator.
    • For Windows Vista and higher, use the Netsh.exe tool, as shown in the following example.
      netsh http add sslcert ipport=0.0.0.0:8000
      certhash=0000000000003ed9cd0c315bbb6dc1c08da5e6
      appid={00112233-4455-6677-8899-
      AABBCCDDEEFF}
      The certhash parameter specifies the thumbprint of the certificate, and the ipport parameter specifies the IPaddress and port and functions just like the -i switch of the Httpcfg.exe tool described. The appid parameter is a GUID that identifies the owning application.
  8. Restart the SQL Server instance.