|
Posted by pigeon on 06/28/05 08:35
"pigeon" wrote:
> I keep playing with the 2 keys: Certificate and Encrypt (both
> Reg Dword) in:
> HKEY_LOCAL_MACHINESOFTWAREMicrosoftMSSQLServerClientSuper
> SocketNetLib
>
> and here is the output:
>
> Cert = 1
> Encryption (key renamed to _Encryption)
> (client request encryption = encryption not supported... but
> if no client requestio encryption = fine)
>
>
> Cert = 1
> Encryption = 0
> then i get "encryption not supported on sql server"
>
> but if I do
> cert = 1
> encrption =1
> then I get "encryption request but no valid cert was found"
>
> Also note:
> cert = 0
> encryption = 0
> then I get ssl security error
>
> or when I do
> encryption = 0
> rename cert to _cert
> then i get "bind failed to 1433" in the event log
>
> Here are some more:
> Encryption =0
> Certificate = (fingerprint of cert)
> then i get "bind failed to 1433" in the event log
>
> Encryption =1
> Certificate = fingerprint of cert
> (This will encrypt all the traffic.. and this works.. but a
> lot of our software is etup to do request ssl client side..
> and of course clientside and serverside ssl request do not
> work... (another known 'flaw'.. )
>
> or
> cert = fingerprint
> renamed encryption to _encryption
> then i get "bind failed to 1433" in the event log
>
> or
> cert = 0
> renamed encryption to _encryption
> then i get "bind failed to 1433" in the event log
>
> my certificate's name is the computer name (netbios).. i can
> also ping name of computer.. and that name is on the cert...
>
> I only have one certificate installed for this server..
>
> Any ideas?
And yes..
I have looked at:
http://support.microsoft.com/kb/322144
and nearly everything on googles results for "connectionopen
(SeCDoClientHandshake().]SSL Security error."
[Back to original message]
|