Windows Azure SQL Database Connection Encryption

Windows Azure SQL Database Connection Encryption

Regardless of the client library chosen, data is transferred using tabular data stream (TDS) over a secure sockets layer (SSL). Windows Azure SQL Database doesn’t support unencrypted connections. This will ensure data transmission is secure and can help prevent man-in-the-middle attacks.

The handshake for encryption is done in the PRELOGIN stream of the TDS protocol which is required by any client communicating with SQL Server and SQL Database including: SQL Server Management Studio and SQL Client and ADO.Net. You can read more about how the client and server handle encryption negotiation at http://msdn.microsoft.com/en-us/library/dd357559(PROT.13).aspx.

To encrypt connections from SQL Server Management Studio

  1. Open SQL Server Management Studio.
  2. From Object Explorer, click Connect, and then click Database Engine.
  3. From Connect to Server, click Options.
  4. Select Encrypt connection.

Note: The SQL Server Management Studio from SQL Server 2008 R2 and SQL Server 2008 R2 Express can be used to access, configure, manage and administer SQL Database. Previous versions of SQL Server Management Studio are not supported.

Note: If you try to request a connection via SQL Server Management Studio that is unencrypted, SQL Database signals SQL Server Management Studio to establish an encrypted connection.

Likewise, you need to specify in your connection strings that you want to encrypt the connection.

  • ADO.NET: Encrypt=True
  • ODBC: Encrypt=yes

Community Resources

See Also

 

Sort by: Published Date | Most Recent | Most Useful
Comments
  • patmas57 edited Revision 6. Comment: Branding update

  • Mr. Gao and patmas57:

    Thank you for your statement: "Windows Azure SQL Database doesn’t support unencrypted connections. This will ensure data transmission is secure and can help prevent man-in-the-middle attacks. ".  I feel safer using VS2010 and SSMS to connect to SQL Azure now.  I will still check things out a bit with Microsoft Network Monitor, but I at least feel brave enough to try VS2010 and SSMS now.

    Best,

    Shawn

  • Richard Mueller edited Revision 7. Comment: Removed (en-US) from title, added tags

Page 1 of 1 (3 items)