Configuring IBM Integration Bus to connect to SQL Server with Kerberos and SSL support: Part 3
The following task demonstrates the next steps in enabling SSL support for SQL server.
You must complete the steps in the previous tasks: Configuring IBM Integration Bus to connect to SQL server: Part 1 and Configuring IBM Integration Bus to connect to SQL server with Kerberos: Part 2. You must have administrator privileges on your SQL server machine.
Before you begin
About this task
Now that the initial steps are complete, you must log in as an administrator on your SQL Server machine to complete that next set of steps.
The following set of certificates are needed:
- A certificate for the SQL Server.
- A certificate for IBM® Integration Bus
Note: These certificates cannot be self-signed certificates, they must be issued by a trusted authority. Create a temporary certificate authority for development purposes if necessary, using openssl or lightweight CA software. You must ensure that the certificates match the machine names.
Complete the following steps.
- Open the Microsoft Management Console as an administrator on your SQL server machine.
- Go to and select .
- Optional: (Complete this step only if you are using a local certificate authority). Expand the Trusted Root Certification Authorities folder.
- Optional: (Complete this step only if you are using a local certificate authority). Right-click the open folder and select cacert.pem, and import it to Trusted Root Certification Authorities.. Browse and select your certificate authority root certificate
- Expand the Personal folder.
- Right-click the open folder and select . Browse and select the private key and certificate for the server as provided by the certificate authority , and import it to Personal.
- Right-click on the newly imported sqlserver.domain.company.com certificate, and select
- Open the SQL Server Configuration Manager, and select SQL Server Services.
- Double-click the SQL Server entry and copy the Account Name.
- Switch back to the Microsoft Management
Console Certificates dialog and complete the
following steps:and add the Account Name that
you copied in the previous step, and search on the local machine.
- Click Add.
- Paste the Account Name that you copied in step 9
- Click Check Names.
- Click OK.
- Enable the account Full Control on the private keys.
- Click OK.
- Switch back to the SQL Server Configuration Manager, and expand SQL Server and Network Configuration.
- Right-click Protocols for SQLServer where SQLServer is
the name you have used throughout these tasks, and select Properties.
Open the Certificate tab.
- Select the imported certificate from the drop-down box.
- Select the Flags tab, and set Force Encryption to Yes.
- Restart the SQL Server from the SQL Services window.
- Update the odbc.ini file again to
add the following configuration:
- Rerun the test application.