File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
Win a copy of Clojure in Action this week in the Clojure forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Need secure jdbc connection with sql server 2005

 
Ankur Chourasia
Greenhorn
Posts: 1
Hibernate Java Spring
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hey All,

I am new in ssl certification and all related issues. I have asked by my manager to make secure jdbc connection with database. i don't have signed certificate in sql server 2005 and can not purchase for development enviornment. HAND SHAKING is important in connection. How can i do this, i've already goggled for 3 days for the same. I need:
1. Free or trail version signed certificate for sql server 2005.
2. Installation process in remote and local machine.

I have tried comodo for free certificate but they are not support on local domain/sytem IP address they required public IP and also not provide database certificates.

I don't know whether this is correct way to connect securely or not. Please help on this.

Any help would be appriciated.

Thanks,
Ankur
 
Vijitha Kumara
Bartender
Posts: 3908
9
Chrome Fedora Hibernate
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Welcome to the CodeRanch!

Moved to Security forum.
 
Arshad Noor
Ranch Hand
Posts: 34
  • 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I would strongly recommend reading this white-paper from Mozilla's website; it is one of the best introductions to Public Key Cryptography I have seen in 12+ years: https://developer.mozilla.org/en/Introduction_to_Public-Key_Cryptography.

Once you've done that, for testing purpose, use keytool - which is part of the JDK - and generate your own certificates: client and server. And then follow the instructions provided by Microsoft to configure the server certificate for the DB along with the ClientAuth option turned ON. Use the client certificate with the tool you want and then test your connection. If you've done this correctly, you should have a secure connection between the client and the server.

If this DB serves only an internal application, then you can continue to use the keytool-generated keys/certificates without having to buy one from any Certification Authority.

Arshad Noor
StrongAuth, Inc.
 
I agree. Here's the link: http://aspose.com/file-tools
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic