在身份验证.NET使用证书SQL连接 [英] Authenticating SQL connection using certificates in .NET

问题描述

我注意到，有可能的SQL Server 2005/2008来验证使用证书复制帐户。是否有可能在同一个庄园来验证.NET的SqlConnection？

I've noticed that it is possible SQL Server 2005/2008 to authenticate replication accounts using certificates. Is it possible to authenticate .NET SqlConnection in the same manor?

在理想情况下，我想用密码验证完全废除，并有ASPNET用户使用存储针对其帐户连接证书。

Ideally, I'd like to do away with password authentication completely and have the aspnet user connect using a certificate stored against its account.

这是可能的，如果是这样，怎么可以这样做？

Is this possible, and if so, how can this be done?

推荐答案

使用Windows身份验证（NTLM / Kerberos的）或身份验证的TDS协议连接（即用户连接）唯一的方法SQL身份验证（用户名/密码） 。无法验证使用证书TDS连接。只有数据库镜像和Service Broker的连接，可以使用验证证书秒。

The only way to authenticate a TDS protocol connection (ie. a user connection) is using Windows authentication (NTLM/Kerberos) or SQL Authentication (user/password). Is not possible to authenticate TDS connections using certificates. Only Database Mirroring and Service Broker connections can authenticate using certificates.

什么你可能注意到的是IIS和发生在的基于Web的复制。这确实是基于证书的验证，但发生在客户端和IIS和SQL Server之间不涉及嚣以任何方式。

What you probably noticed is the HTTPS authentication between IIS and a client that occurs in Web Based Replication. That is indeed certificate based authentication, but occurs between the client and IIS and SQL Server is not involve din any way in it.

这篇关于在身份验证.NET使用证书SQL连接的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！