Question on encryption/ keys/ certificates/ etc.

SQL2K5
SP1
I was able to sucessfully create a Master Key, create a Certificate, create
a Symmetric Key and assign it to the Certificate, insert encrypted data, and
then decrypt/ read that data. Pretty cool stuff. But Im reading up on the
topic and Im under the impression that I should also have needed too:
Set Force Encryption to Yes.
Configure the DB engine to use a Cert.
Reboot the box.
But I didn't have to do any of that. I just went and verified the settings
and thats not how SQL is configured. Im obviosuly missing something pretty
big here, can someone please assist?
TIA, ChrisRThat's 2 different things, what you've been doing is encrypting data stored
in the database. The other stuff you are talking about is encrypting traffic
from clients to SQL Server and vice versa. If you don't have that
requirement then don't worry about it. In SQL 2005, standard SQL logins are
encrypted anyway by a self generated certificate however general traffic
to/from the server (batches/results etc) are not. They are 2 completely
different and separate things.
HTH,
Jasper Smith (SQL Server MVP)
http://www.sqldbatips.com
"ChrisR" <NotAChance@.ms.com> wrote in message
news:esEA%23%23AtGHA.1876@.TK2MSFTNGP06.phx.gbl...
> SQL2K5
> SP1
> I was able to sucessfully create a Master Key, create a Certificate,
> create
> a Symmetric Key and assign it to the Certificate, insert encrypted data,
> and
> then decrypt/ read that data. Pretty cool stuff. But Im reading up on the
> topic and Im under the impression that I should also have needed too:
> Set Force Encryption to Yes.
> Configure the DB engine to use a Cert.
> Reboot the box.
> But I didn't have to do any of that. I just went and verified the settings
> and thats not how SQL is configured. Im obviosuly missing something pretty
> big here, can someone please assist?
> TIA, ChrisR
>|||As mentioned, I was missing something pretty big. ;-)
Thanks Jasper.
"Jasper Smith" <jasper_smith9@.hotmail.com> wrote in message
news:eaL$0QCtGHA.4784@.TK2MSFTNGP04.phx.gbl...
> That's 2 different things, what you've been doing is encrypting data
stored
> in the database. The other stuff you are talking about is encrypting
traffic
> from clients to SQL Server and vice versa. If you don't have that
> requirement then don't worry about it. In SQL 2005, standard SQL logins
are
> encrypted anyway by a self generated certificate however general traffic
> to/from the server (batches/results etc) are not. They are 2 completely
> different and separate things.
> --
> HTH,
> Jasper Smith (SQL Server MVP)
> http://www.sqldbatips.com
>
> "ChrisR" <NotAChance@.ms.com> wrote in message
> news:esEA%23%23AtGHA.1876@.TK2MSFTNGP06.phx.gbl...
the[vbcol=seagreen]
settings[vbcol=seagreen]
pretty[vbcol=seagreen]
>