Appendix B. Installing and Configuring SSL Certificate

You can enable a secure connection from the DEMS, Administrative Service, and Runtime Service to their respective internal databases by installing the SSL certificate. You can obtain the SSL certificate from https://www.digicert.com.

If you are connecting to a remote SQL Server instance, you must prepare an SSL certificate (issued by a trusted root CA) for the SQL Server instance as follows:

On the machine where you have installed the SQL Server,

  1. Open Microsoft Management Console.

  2. Import the CA into the Trusted Root Certification Authorities.

  3. Import the SSL certificate into the Personal certification store.

  4. Open Sql Server Configuration Manager.

  5. Expand the SQL Server Network Configuration node.

  6. Right click Protocols for MSSQLSERVER (where MSSQLSERVER is your SQL Server instance) and click Properties.

    The Protocols for MSSQLSERVER Properties window appears.

  7. In the Protocols for MSSQLSERVER Properties window, select Yes for the Force Encryption option.

  8. Click the Certificate tab.

  9. In the Certificate drop down, select the SSL certificate we prepared for the SQL Server instance, and then click Apply.

  10. Click OK to close the dialog box.

  11. On the machine where you want to install DEMS, import the root CA (mentioned in step 2) into the "Trusted Root Certification Authorities" certification store.

  12. In the DEMS installation wizard, select the Secure Database check box and click Test Connection. This enables secure connection to the SQL Server instance.

If you are installing SQL Server and DEMS on the same machine, follow the same installation steps (except step 11) on the machine where you will install DEMS.

For more information, refer to How to enable SSL encryption for an instance of SQL Server by using Microsoft Management Console.