Please consider registering
September 30, 2012
Windows 2008 R2 server with some installed MSSQL servers (2005 – 2012). Need to created certificate with "all application policies". It ill work for all MSSQL servers.
1. Need to install windows SDK to use makecert utility.
2. command to create certificate (in command line):
makecert -r -pe -n CN="hostname" -b 01/01/2000 -e 01/01/2036 -ss my -sr localmachine -sky exchange -sp "Microsoft RSA SChannel Cryptographic Provider" -sy 12
to view CryptoAPI names and providers go to:
3. Now need to make it trusted. Run mmc, add snap in, add Certificates, computer account, local computer, ok.
Look here for pictures if you dont know how to do that.
4. Now export certificate with name you provided in command CN="hostname" from personal certificates folder, without private keys to
.cer and import it in Trusted Root Certification Authorities. How to do that in GUI you can find at the same page (previous link).
5. Now if you will omen MSSQL configuration manager-> SQL Server Network Configuration -> Protocols for "instance_name" you can right click on protocols, choose properties, certificates and choose certificate you created, view it.
If MSSQL do not see certificate you can add it manually.
certutil -store my (obtain certificate hash)
put hash in Certificate key to:
HKEY_LOCAL_MACHINESOFTWAREMicrosoftMicrosoft SQL ServerMSSQL10.<INSTANCENAME>MSSQLServerSuperSocketNetLib
You will see:
This certificate is intended for the following purpose(s):
All application policies
Most Users Ever Online: 31
Currently Browsing this Page:
Guest Posters: 0
Newest Members: Lo0oM
Administrators: Lo0oM (217)