sql-server – SQL Server 2005：SQL Server身份验证的安全性如

解决方法

您可以非常轻松地配置SSL,如果您没有受信任的证书,如果您强制加密,SQL Server可以创建/发布它自己的自签名证书供您使用… from this write-up

Credentials (in the login packet) that are transmitted when a client application connects to SQL Server are always encrypted. SQL Server will use a certificate from a trusted certification authority if available. If a trusted certificate is not installed,SQL Server will generate a self-signed certificate when the instance is started,and use the self-signed certificate to encrypt the credentials. This self-signed certificate helps increase security but it does not provide protection against identity spoofing by the server. If the self-signed certificate is used,and the value of the ForceEncryption option is set to Yes,all data transmitted across a network between SQL Server and the client application will be encrypted using the self-signed certificate

（编辑：李大同）

【声明】本站内容均来自网络，其相关言论仅代表作者个人观点，不代表本站立场。若无意侵犯到您的权利，请及时与联系站长删除相关内容!