Right. As far as I know, port 1433 should be open between the two test machines. They talk fine until encryption is turned on. None of the documentation I've found says anything about encryption causing a port change.
We followed these instructions for the SQL encryption: support.microsoft.com/servicedesks/webcasts/wc042302/WC042302.ppt The CA setup was...less informed. However, it seems to be working while the Force Encryption causes problems. Go figure. I could probably figure it out eventually, if I had time, but delaying projects for another week or two while I monkey about with it just ain't feasible. Next time, I'll do all the setup myself, then at least I'll know what has & hasn't been done and what the results were. ;^P > -----Original Message----- > From: Ben Johansen [mailto:[EMAIL PROTECTED] > Sent: Tuesday, December 09, 2003 5:33 PM > To: [EMAIL PROTECTED] > Subject: RE: Witango-Talk: OT: Looking for help - Certificates and SQL > > > Whoa here ;-) > > HTTPS is for SSL com to IIS on port 443 > SQL talks on port 1433 to ODBC > > > Browser(https) <--> IIS(SSL) port 443 > > Witango (ODBC <--> SQL Odbc Driver port 1433 > > Ben Johansen - http://www.pcforge.com > Authorized Witango & MDaemon Reseller > Available for Witango Developement > > > -----Original Message----- > From: Scott Cadillac [mailto:[EMAIL PROTECTED] > Sent: Tuesday, December 09, 2003 3:21 PM > To: [EMAIL PROTECTED] > Subject: RE: Witango-Talk: OT: Looking for help - Certificates and SQL > > Hi Jamileh, > > Maybe that's the trick to get this working. > > In IIS when SSL is installed, HTTPS listens on port 443 > instead of the default 80. > > Maybe when SSL is installed with SQL Server, it doesn't > listen on the default port 1433 anymore - maybe it's just > listening on a different port? > > Maybe Enterprise Manager and the other SQL Client components > just have to be configured for the different port? > > In the SQL Server Client Network Utility, you can configure > different ports for the default and there is a flag to "Force > protocol encryption" > > Hope this helps. Cheers...... > > Scott Cadillac, > Witango.org - http://witango.org > 403-281-6090 - [EMAIL PROTECTED] > -- > Information for the Witango Developer Community > --------------------- > > XML-Extranet - http://xmlx.ca > 403-281-6090 - [EMAIL PROTECTED] > -- > Well-formed Development (for hire) > --------------------- > > > > -----Original Message----- > > From: Wilcox, Jamileh (HSC) [mailto:[EMAIL PROTECTED] > > Sent: Tuesday, December 09, 2003 4:10 PM > > To: [EMAIL PROTECTED] > > Subject: RE: Witango-Talk: OT: Looking for help - > Certificates and SQL > > > > Dunno, I'll have to ask. I hadn't even gotten as far as > > trying to set up any https files, and hadn't installed certs > > on IIS yet. We were just trying to get the boxes to talk > > over the default SQL port. > > > > > -----Original Message----- > > > From: Jeff Bohmer [mailto:[EMAIL PROTECTED] > > > Sent: Tuesday, December 09, 2003 4:59 PM > > > To: [EMAIL PROTECTED] > > > Subject: Re: Witango-Talk: OT: Looking for help - > > Certificates and SQL > > > > > > > > > > > > A quick thought: do you have port 443 open to your web > > server(s) on > > > any firewalls and in W2K network config? > > > > > > - Jeff > > > > > > > > > >OK, we have need to secure our internal communications > > > between servers. > > > > > > > >Plan: set up inhouse Certificate Authority, and use those > > > certificates > > > >to encrypt communications between IIS and MSSQL servers. > > > The ultimate > > > >goal is to have encrypted Witango websites available via the > > > internet, > > > >securely accessing restricted SQL databases behind our > > > firewall. We're > > > >talking serious federal regs here; we've got to be sure the data > > > >remains protected. > > > > > > > >We've set up a CA on our intranet webserver and added > > > certificates to > > > >two test servers (IIS5 & MS-SQL2000, both on W2K). The CA > > > seems to be > > > >working OK, and certs seem to install on the servers. However, > > > >whenever we force encryption on the SQL server, we can't > > > access it at > > > >all - not from the web, not from Enterprise Manager, nada. > > > (The data > > > >was very safe, however. ;^D) > > > > > > > >No one here has ever done either of these things (inhouse > > CA or SQL > > > >using certs), so we've no clue where the problem is. I'm > > pushing to > > > >get some help on this. > > > > > > > >If anyone on the list is interested in consulting on this, > > > please send > > > >me an email. I'm not making the decisions, and we're > > > notoriously slow > > > >to spend money, so don't count on anything happening soon > > or at all. > > > >But if I can send some business to one of y'all rather > > than M$, I'd > > > >rather. > > > > > > > >Thanks! j > > > > > > > > > > > >_____________________________________________________________ > > > __________ > > > >_ > > > >TO UNSUBSCRIBE: Go to http://www.witango.com/maillist.taf > > > > > > -- > > > > > > Jeff Bohmer > > > VisionLink, Inc. > > > _________________________________ > > > 303.402.0170 > > > www.visionlink.org > > > _________________________________ > > > People. Tools. Change. Community. > > > ______________________________________________________________ > > > __________ > > > TO UNSUBSCRIBE: Go to http://www.witango.com/maillist.taf > > > > > ______________________________________________________________ > > __________ > > TO UNSUBSCRIBE: Go to http://www.witango.com/maillist.taf > > > > ______________________________________________________________ > __________ > TO UNSUBSCRIBE: Go to http://www.witango.com/maillist.taf > > > ______________________________________________________________ > __________ > TO UNSUBSCRIBE: Go to http://www.witango.com/maillist.taf > ________________________________________________________________________ TO UNSUBSCRIBE: Go to http://www.witango.com/maillist.taf
