Set up SQL Server to use Secure Sockets Layer (SSL) security - Perceptive Content Database Install Guide - Foundation 24.1 - Foundation 24.1 - Ready - Perceptive Content - external

Perceptive Content Database Install Guide

Perceptive Content
Perceptive Content Database Install Guide
Foundation 24.1

SSL security uses cryptography and symmetric encryption to provide communication security at the transport layer for data sent over a network for application-specific protocols such as HTML and SMTP. To set up SQL Server to use Secure Sockets Layer (SSL) security, complete the following steps.

Import a certificate from a third party Certificate Authority, bind the certificate to a port number, and configure the certificate.

  1. Click Start, and then click Run.
  2. In the Run dialog box, type cmd and then click OK.
    1. In the Command Prompt window, run mmc.exe.
    2. To add the certificates snap-in for the local machine, click File > Add/Remove snap-in > Certificates.
    3. Select Computer account, and then click Finish, and OK.
  3. In the tree view, navigate to Certificates > Personal, and right-click Certificates.
    1. Select All Tasks > Import.
    2. In the Certificate Import Wizard dialog box, browse to the PFX file, and click Next.
    3. To import the key, enter the password, select the options you want, and click Next.
      Note: To secure your PFX file somewhere other than on the production machines where it is used, do not select Mark this key as exportable.
    4. When prompted, specify where the certificates are stored, and select Personal.
    5. Click Finish.
  4. Navigate to the file location of the imported certificate. In the Actions pane, under the certificate name, click More actions, click All tasks, and click Manage private keys.
  5. Add the instance name that the SQL Server instance is running as, and then give the user full control.
  6. Open ODBC Datasource Administrator and complete the following substeps.
    1. On the DSN tab, select Datasource, and click Configure.
    2. On the Security tab, change the encryption method from none to SSL.
    3. To verify the connection, click Test Connection.
  7. Close ODBC Datasource Administrator.
    • For Windows Vista and higher, use the Netsh.exe tool, as shown in the following example.
      netsh http add sslcert ipport=
      The certhash parameter specifies the thumbprint of the certificate, and the ipport parameter specifies the IPaddress and port and functions just like the -i switch of the Httpcfg.exe tool described. The appid parameter is a GUID that identifies the owning application.
  8. Restart the SQL Server instance.