Yes, the documentation says to load certificates & set your root authority, then just turn on the Force Encryption. Unfortunately, it didn't work for us. That's a good article that I hadn't seen, though - thanks!
Actually, I agree about the port & have requested to change it. So far, I've not been able to talk them into it. Among other things, we have several 3rd-party proprietary systems running against that db server & no one's sure if we can make port changes to that software. One of these days, maybe. Thanks for all the suggestions & advice! j > -----Original Message----- > From: Ben Johansen [mailto:[EMAIL PROTECTED] > Sent: Tuesday, December 09, 2003 6:23 PM > To: [EMAIL PROTECTED] > Subject: RE: Witango-Talk: OT: Looking for help - Certificates and SQL > > > Yes it should be in the SQL Server and the ODBC Client setup. > > As a matter of fact I would suggest you change the port on > SQL Server from 1433 to something else. This port is one of > the most hacked on the net > > Ben Johansen - http://www.pcforge.com > Authorized Witango & MDaemon Reseller > Available for Witango Developement > > > -----Original Message----- > From: Scott Cadillac [mailto:[EMAIL PROTECTED] > Sent: Tuesday, December 09, 2003 3:49 PM > To: [EMAIL PROTECTED] > Subject: RE: Witango-Talk: OT: Looking for help - Certificates and SQL > > Yes, but what about when > > Witango (ODBC <---(via SSL)---> SQL Server?? > > I think this article is saying to just set the "Force > protocol encryption" property in the "Server Network Utility" > and the "Client Network Utility" and you're done (or > something like that). > > http://msdn.microsoft.com/library/default.asp?url=/library/en- > us/dnnetse > c/ht > ml/SecNetHT19.asp?frame=true > > Hope this helps. Cheers.... > > > -----Original Message----- > > From: Ben Johansen [mailto:[EMAIL PROTECTED] > > Sent: Tuesday, December 09, 2003 4:33 PM > > To: [EMAIL PROTECTED] > > Subject: RE: Witango-Talk: OT: Looking for help - > Certificates and SQL > > > > Whoa here ;-) > > > > HTTPS is for SSL com to IIS on port 443 > > SQL talks on port 1433 to ODBC > > > > > > Browser(https) <--> IIS(SSL) port 443 > > > > Witango (ODBC <--> SQL Odbc Driver port 1433 > > > > Ben Johansen - http://www.pcforge.com > > Authorized Witango & MDaemon Reseller > > Available for Witango Developement > > > > > > -----Original Message----- > > From: Scott Cadillac [mailto:[EMAIL PROTECTED] > > Sent: Tuesday, December 09, 2003 3:21 PM > > To: [EMAIL PROTECTED] > > Subject: RE: Witango-Talk: OT: Looking for help - > Certificates and SQL > > > > Hi Jamileh, > > > > Maybe that's the trick to get this working. > > > > In IIS when SSL is installed, HTTPS listens on port 443 > instead of the > > default 80. > > > > Maybe when SSL is installed with SQL Server, it doesn't > listen on the > > default port 1433 anymore - maybe it's just listening on a > different > > port? > > > > Maybe Enterprise Manager and the other SQL Client > components just have > > to be configured for the different port? > > > > In the SQL Server Client Network Utility, you can configure > different > > ports for the default and there is a flag to "Force protocol > > encryption" > > > > Hope this helps. Cheers...... > > > > Scott Cadillac, > > Witango.org - http://witango.org > > 403-281-6090 - [EMAIL PROTECTED] > > -- > > Information for the Witango Developer Community > > --------------------- > > > > XML-Extranet - http://xmlx.ca > > 403-281-6090 - [EMAIL PROTECTED] > > -- > > Well-formed Development (for hire) > > --------------------- > > > > > > > -----Original Message----- > > > From: Wilcox, Jamileh (HSC) [mailto:[EMAIL PROTECTED] > > > Sent: Tuesday, December 09, 2003 4:10 PM > > > To: [EMAIL PROTECTED] > > > Subject: RE: Witango-Talk: OT: Looking for help - > > Certificates and SQL > > > > > > Dunno, I'll have to ask. I hadn't even gotten as far as > > > trying to set up any https files, and hadn't installed certs > > > on IIS yet. We were just trying to get the boxes to talk > > > over the default SQL port. > > > > > > > -----Original Message----- > > > > From: Jeff Bohmer [mailto:[EMAIL PROTECTED] > > > > Sent: Tuesday, December 09, 2003 4:59 PM > > > > To: [EMAIL PROTECTED] > > > > Subject: Re: Witango-Talk: OT: Looking for help - > > > Certificates and SQL > > > > > > > > > > > > > > > > A quick thought: do you have port 443 open to your web > > > server(s) on > > > > any firewalls and in W2K network config? > > > > > > > > - Jeff > > > > > > > > > > > > >OK, we have need to secure our internal communications > > > > between servers. > > > > > > > > > >Plan: set up inhouse Certificate Authority, and use those > > > > certificates > > > > >to encrypt communications between IIS and MSSQL servers. > > > > The ultimate > > > > >goal is to have encrypted Witango websites available via the > > > > internet, > > > > >securely accessing restricted SQL databases behind our > > > > firewall. We're > > > > >talking serious federal regs here; we've got to be > sure the data > > > > >remains protected. > > > > > > > > > >We've set up a CA on our intranet webserver and added > > > > certificates to > > > > >two test servers (IIS5 & MS-SQL2000, both on W2K). The CA > > > > seems to be > > > > >working OK, and certs seem to install on the servers. However, > > > > >whenever we force encryption on the SQL server, we can't > > > > access it at > > > > >all - not from the web, not from Enterprise Manager, nada. > > > > (The data > > > > >was very safe, however. ;^D) > > > > > > > > > >No one here has ever done either of these things (inhouse > > > CA or SQL > > > > >using certs), so we've no clue where the problem is. I'm > > > pushing to > > > > >get some help on this. > > > > > > > > > >If anyone on the list is interested in consulting on this, > > > > please send > > > > >me an email. I'm not making the decisions, and we're > > > > notoriously slow > > > > >to spend money, so don't count on anything happening soon > > > or at all. > > > > >But if I can send some business to one of y'all rather > > > than M$, I'd > > > > >rather. > > > > > > > > > >Thanks! j > > > > > > > > > > > > > > >_____________________________________________________________ > > > > __________ > > > > >_ > > > > >TO UNSUBSCRIBE: Go to http://www.witango.com/maillist.taf > > > > > > > > -- > > > > > > > > Jeff Bohmer > > > > VisionLink, Inc. > > > > _________________________________ > > > > 303.402.0170 > > > > www.visionlink.org > > > > _________________________________ > > > > People. Tools. Change. Community. > > > > ______________________________________________________________ > > > > __________ > > > > TO UNSUBSCRIBE: Go to http://www.witango.com/maillist.taf > > > > > > > ______________________________________________________________ > > > __________ > > > TO UNSUBSCRIBE: Go to http://www.witango.com/maillist.taf > > > > > > > ______________________________________________________________ > > __________ > > TO UNSUBSCRIBE: Go to http://www.witango.com/maillist.taf > > > > > > ______________________________________________________________ > > __________ > > TO UNSUBSCRIBE: Go to http://www.witango.com/maillist.taf > > > > ______________________________________________________________ > __________ > TO UNSUBSCRIBE: Go to http://www.witango.com/maillist.taf > > > ______________________________________________________________ > __________ > TO UNSUBSCRIBE: Go to http://www.witango.com/maillist.taf > ________________________________________________________________________ TO UNSUBSCRIBE: Go to http://www.witango.com/maillist.taf
