Last modified by Sabrina V. on 2025/11/24 15:00
From version 1.1
edited by jklein
on 2024/08/13 08:28
Change comment: Imported from XAR
To version 2.1
edited by Sabrina V.
on 2025/11/24 15:00
Change comment: There is no comment for this version

Summary

Details

Page properties
Author
... ... @@ -1,1 +1,1 @@
1 -XWiki.jklein
1 +XWiki.SV
Content
... ... @@ -31,12 +31,9 @@
31 31  * //Digital Signature// and //Key Encryption// must be listed in the //Key Usage// extension.
32 32  * //Server Authentication// (1.3.6.1.5.5.7.3.1) must be listed in the //Enhanced Key Usage// extension.
33 33  
34 -
35 35  The certificate and private key must be stored in the Windows Certificate Store //Personal// for Local Machine. In addition, the user running SQL Server must have read access to the private key.
36 36  
37 -
38 38  
39 -
40 40  
41 41  **Granting read permission to the SQL Server service**
42 42  
... ... @@ -51,8 +51,7 @@
51 51  {{/aagon.infobox}}
52 52  
53 53  {{figure}}
54 -(% style="text-align:center" %)
55 -[[image:Account des SQL Server Dienst bestimmen.png||height="624" width="826"]]
51 +[[image:Account des SQL Server Dienst bestimmen.png||data-xwiki-image-style-alignment="center" height="624" width="826"]]
56 56  
57 57  {{figureCaption}}
58 58  Determine the account of the SQL Server service
... ... @@ -65,8 +65,7 @@
65 65  To do this, first open the Cert Manager for the local computer (e.g. open mmc.exe and add the snap-in) and then select the //Personal// > //Certificates// //directory//. Locate the certificate for which you want to enable read rights and right-click on it. In the menu that opens, select //All Tasks// > //Manage Private Keys...//.
66 66  
67 67  {{figure}}
68 -(% style="text-align:center" %)
69 -[[image:Leserechte gewähren.png]]
64 +[[image:Leserechte gewähren.png||data-xwiki-image-style-alignment="center"]]
70 70  
71 71  {{figureCaption}}
72 72  Open Cert Manager for the Local Computer
... ... @@ -76,8 +76,7 @@
76 76  Then add the SQL Server account. In the following picture, the account is //NT Service\MSSQL$SQLEXPRESS//. Once you have added the account, you must give it the appropriate permissions. Enable read-only and confirm with //OK//.
77 77  
78 78  {{figure}}
79 -(% style="text-align:center" %)
80 -[[image:Leserechte dem Nutzer gewähren.png]]
74 +[[image:Leserechte dem Nutzer gewähren.png||data-xwiki-image-style-alignment="center"]]
81 81  
82 82  {{figureCaption}}
83 83  Add read rights to the account
... ... @@ -97,8 +97,7 @@
97 97  \\To assign a certificate to SQL Server manually, you need to follow a few steps. First, open the SQL Server Configuration Manager and expand the SQL Server Network Configuration menu item. There you will find //Protocols for SQLEXPRESS//, which you must open by right-clicking and selecting //Properties//.
98 98  
99 99  {{figure}}
100 -(% style="text-align:center" %)
101 -[[image:SQL Server Configuration Manager.png]]
94 +[[image:SQL Server Configuration Manager.png||data-xwiki-image-style-alignment="center"]]
102 102  
103 103  {{figureCaption}}
104 104  SQL Server Network Configuration
... ... @@ -108,8 +108,7 @@
108 108  In the window that opens, navigate to the //Certificate// tab and select the appropriate certificate. In the figure below it is the //SQLServer// certificate. Then go back to the first tab //Flags// and select the option //Force Encryption// by setting it to //Yes//.
109 109  
110 110  {{figure}}
111 -(% style="text-align:center" %)
112 -[[image:Protocols for SQLEXPRESS Properties.png]]
104 +[[image:Protocols for SQLEXPRESS Properties.png||data-xwiki-image-style-alignment="center"]]
113 113  
114 114  {{figureCaption}}
115 115  Protocoll for SQLEXPRESS Properties
... ... @@ -130,8 +130,7 @@
130 130  If you select the //Trust server certificate// checkbox, any certificate will be considered valid. This is not recommended for production use!
131 131  
132 132  {{figure}}
133 -(% style="text-align:center" %)
134 -[[image:Test mit SSMS.PNG]]
125 +[[image:Test mit SSMS.PNG||data-xwiki-image-style-alignment="center"]]
135 135  
136 136  {{figureCaption}}
137 137  Connection test via the SQL Server Management Studio
... ... @@ -143,8 +143,7 @@
143 143  {{/aagon.infobox}}
144 144  
145 145  {{figure}}
146 -(% style="text-align:center" %)
147 -[[image:SSMS Login.PNG]]
137 +[[image:SSMS Login.PNG||data-xwiki-image-style-alignment="center"]]
148 148  
149 149  {{figureCaption}}
150 150  Connect to Server
... ... @@ -171,8 +171,8 @@
171 171  
172 172  == IPSec ==
173 173  
174 -Alternatively, if you want to use an IPSec tunnel to establish an encrypted connection between the ACMP Server and the SQL Server, read the procedure here.
164 +Alternatively, if you want to use an IPSec tunnel to establish an encrypted connection between the ACMP Server and the SQL Server, read the procedure [[here>>https://stackoverflow.com/questions/36817627/ssl-certificate-missing-from-dropdown-in-sql-server-configuration-manager/36823345#36823345]].
175 175  
176 176  === Next recommended actions ===
177 177  
178 -* [[Customise connection string>>https://stackoverflow.com/questions/36817627/ssl-certificate-missing-from-dropdown-in-sql-server-configuration-manager/36823345#36823345]]
168 +* [[Customise connection string>>doc:.Connectionstring anpassen.WebHome]]
© Aagon GmbH 2026
Besuchen Sie unsere Aagon-Community