Connect to SQL Server over SSL and Obtain a Server Certificate

Question

Connect to SQL Server over SSL and Obtain a Server Certificate

I would like to connect to SQL Server configured for SSL on port 1433 and get its certificate. I don't need to do SQL, I just want to establish an SSL connection and get a SQL Server certificate.

The following code can get the web server certificate but cannot get the SQL Server certificate - the connection fails after a timeout period.

using (client = new TcpClient())
{
    client.Connect(Hostname, Port);
    var callback = new RemoteCertificateValidationCallback(ValidateServerCertificate);

    using (stream = new SslStream(client.GetStream(), false, callback))
    {
        stream.AuthenticateAsClient(Hostname);
    }
}

Should SQL Server clients use some initial negotiation to force the server to switch to SSL? In other words, does SQL Server do something similar to how STARTTLS works with SMTP?

What do I need to do with the above code to get the SQL Server certificate back?

+3

c # sql-server ssl

TonyM 04 Apr '12 at 9:26

source to share

1 answer

Charles farr · Answer 1 · 2015-07-01T18:53:30+0000

To quickly check if SSL is configured on your SQL Server, you can run the following:

SELECT session_id, encrypt_option FROM sys.dm_exec_connections

You can also force the encryption flag for SQL Server. This can be done in SQL Server Configuration Manager

Good luck let me know if it helps.

Connect to SQL Server over SSL and Obtain a Server Certificate

More articles: