9 The SQL Server Data Provider : Data Encryption

Data Encryption
The SQL Server data provider supports SSL encryption for the following databases:
SSL secures the integrity of your data by encrypting information and providing authentication. See “Data Encryption Across the Network” for an overview.
Depending on your Microsoft SQL Server configuration, you can choose to encrypt all data, including the login request, or encrypt the login request only. Encrypting login requests, but not data, is useful for the following scenarios:
NOTE: When SSL is enabled, the data provider communicates with database protocol packets set by the server’s default packet size. Any value set by the Packet Size connection string option is ignored.
Using SSL with Microsoft SQL Server
If your Microsoft SQL Server database server has been configured with an SSL certificate signed by a trusted CA, the server can be configured so that SSL encryption is either optional or required. When required, connections from clients that do support SSL encryption fail.
Although a signed trusted SSL certificate is recommended for the best degree of security, Microsoft SQL Server 2005 and higher can provide limited security protection even if an SSL certificate has not been configured on the server. If a trusted certificate is not installed, the server will use a self-signed certificate to encrypt the login request, but not the data.
Table 9-8 shows how the different Encryption Method connection string option values behave with different Microsoft SQL Server configurations.
 
Configuring SSL Encryption
1
2
3