-
Notifications
You must be signed in to change notification settings - Fork 293
Using Self Signed Certificate with SqlClient
Lawrence Cheung edited this page Dec 13, 2022
·
4 revisions
Before we start let's have a brief look at Self-Signed Certificate definition:
In cryptography and computer security, self-signed certificates are public key certificates that are not issued by a certificate authority (CA). These self-signed certificates are easy to make and do not cost money. However, they do not provide any trust value. Read more
Remember that the subject of a self-signed certificate must be the very same name as the FQDN.
- Change
<FQDN>
in-Subject
property to your Fully Qualified Domain Name (FQDN) int the followingPowerShell
command and run it:
New-SelfSignedCertificate -Subject "CN=<FQDN>" -KeyAlgorithm RSA -KeyLength 2048 -CertStoreLocation "cert:\LocalMachine\My" -TextExtension @("2.5.29.17={text}DNS=localhost&IPAddress=127.0.0.1&IPAddress=::1") -HashAlgorithm "SHA256" -Type SSLServerAuthentication -Provider "Microsoft RSA SChannel Cryptographic Provider"
- type in search area the keyword
run
. When theRun
application is opened type inmmc
. - Click on Add/Remove Snap-in
- In the left column click on
Certificates
and then click onAdd >
button. - Select
Computer account
and clickNext >
and clickFinish
. You should be seeing something similar to the below picture:
- Press
OK
.
- Now in the left panel, under Personal select Certificate.
- On the right panel you should be able to see the newly created certificate. The name will be your FQDN.
- Right click on the certificate > All Tasks > Manage Private Key
- Add required permission for SQL server instance user (NT Service\MSSQLSERVER).
Now you should be able to import this certificate to SQL server using SQL Server Configuration Manager
.