SQL Server Performance

SSL in SQL 2000 A/P Cluster

Discussion in 'SQL Server Clustering' started by acki4711, Feb 7, 2006.

  1. acki4711 Member

    Hi all,
    Want to install a SSL cert on a SQL 2000 (SP4).
    Followed the instructions on:
    http://www.mcse.ms/archive84-2004-8-962548.html
    (The only exeption, I added a email addr. in the request)

    What I did:
    - created request file (with exportable keys) with CertReq.exe
    - added the cert as MSSQLServer Service user in cert. store
    - exported the cert (and key) and inserted in the second node
    - added the thumbprint to the registry
    - restarted mssqlservice and tested to move the nodes -> OK

    I'm now not able to test the SSL communication by enabling the client side "force encryption"
    I get "SSL Security error" on the client.

    Any kick in the right direction is highly appreciated!
    TIA
    Dan Ackermann



  2. Argyle New Member

  3. acki4711 Member

    Hi all,
    The problem was that our CA could not issue two certificatas (2 nodes) for the same FQDN. (Don't know if this is possible with other (Microsoft) CA's).
    I had to install the same certificate on both nodes.

    That's how I did it:
    - reqest the certificate on one node (request needs to be formulated with exportable keys and that's only possible with the utility CertReq.exe)
    - install the certificate on one node
    - export the certificate (with keys)
    - and import it on the 2nd node.

    Detailed description could be found here:
    http://www.mcse.ms/archive84-2004-8-962548.html

Share This Page