是否可以在 SQL Server 2008 Service Broker 中创建一个端点,使其既支持基于证书的身份验证,又使用域帐户进行授权?
例如:
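-- Service Broker endpoint owned by a domain account, with peers authenticated
-- by certificate.
-- AUTHORIZATION only names the endpoint's owner. Which peers may connect is
-- decided by the certificate handshake plus GRANT CONNECT ON ENDPOINT, not by
-- this clause.
CREATE ENDPOINT ServiceBrokerEndpoint
    AUTHORIZATION [domain\username]
    STATE = STARTED
    AS TCP (
        LISTENER_PORT = 4022,
        -- Listens on every interface; limit reachability of this port with
        -- firewall rules so only the intended broker peers can reach it.
        LISTENER_IP = ALL
    )
    FOR SERVICE_BROKER (
        MESSAGE_FORWARDING = DISABLED,
        MESSAGE_FORWARD_SIZE = 10,
        AUTHENTICATION = CERTIFICATE [CertificateName],
        -- Changed from ENCRYPTION = SUPPORTED ALGORITHM RC4:
        --   * SUPPORTED lets a peer that disables encryption talk in clear text;
        --     REQUIRED refuses such connections.
        --   * RC4 is a deprecated, weak cipher; AES is the supported replacement.
        -- The peer endpoint must also allow AES, otherwise the handshake fails.
        ENCRYPTION = REQUIRED ALGORITHM AES
    );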
答案 0 :(得分:2)
试试这个
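-------------------------------------
-- connect to server
-------------------------------------
-- Endpoint certificates must be created in master.
use master;
go

-- The master key protects the certificate's private key.
-- '...' is a placeholder: supply a strong, unique password and keep it out of
-- scripts that are committed or shared.
create master key encryption by password = '...';

-- Certificate that identifies this instance to its broker peers.
-- The dates are the sample values from the original post; choose a window that
-- covers the period of use (start_date is interpreted as UTC). A certificate
-- outside its validity window is expected to fail the endpoint handshake.
create certificate [<servername>]
    with subject = '<servername>'
    , start_date = '20100216'
    , expiry_date = '20150216';

-- Fix: the option is LISTENER_PORT; the original 'listenner_port' is a syntax error.
-- No ENCRYPTION clause is given, so the instance defaults apply.
-- NOTE(review): older versions reportedly default to RC4; consider setting
-- "encryption = required algorithm aes" on both endpoints at the same time.
create endpoint broker
    state = started
    as tcp (listener_port = 4022)
    for service_broker (authentication = certificate [<servername>]);

-- Export the public key to disk.
-- Without a WITH PRIVATE KEY clause only the certificate (public part) is written.
-- Restrict write access to the share: whoever can replace this file before the
-- peer imports it decides which key the peer will trust.
backup certificate [<servername>]
    to file = '\\someshare\<servername>.cer';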
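--------------------------------
-- connect to client
--------------------------------
-- Endpoint certificates must be created in master.
use master;
go

-- The master key protects the certificate's private key.
-- '...' is a placeholder: supply a strong, unique password and keep it out of
-- scripts that are committed or shared.
create master key encryption by password = '...';

-- Certificate that identifies this instance to its broker peers.
-- The dates are the sample values from the original post; choose a window that
-- covers the period of use (start_date is interpreted as UTC). A certificate
-- outside its validity window is expected to fail the endpoint handshake.
create certificate [<clientname>]
    with subject = '<clientname>'
    , start_date = '20100216'
    , expiry_date = '20150216';

-- Fix: the option is LISTENER_PORT; the original 'listenner_port' is a syntax error.
-- No ENCRYPTION clause is given, so the instance defaults apply.
-- NOTE(review): older versions reportedly default to RC4; consider setting
-- "encryption = required algorithm aes" on both endpoints at the same time.
create endpoint broker
    state = started
    as tcp (listener_port = 4022)
    for service_broker (authentication = certificate [<clientname>]);

-- Export the public key to disk.
-- Without a WITH PRIVATE KEY clause only the certificate (public part) is written.
-- Restrict write access to the share: whoever can replace this file before the
-- peer imports it decides which key the peer will trust.
backup certificate [<clientname>]
    to file = '\\someshare\<clientname>.cer';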
-- Create a local identity that stands for the server, then bind the server's
-- public certificate to it.
-- The login exists only to own the certificate and hold the endpoint permission,
-- so it is disabled straight away and cannot be used to sign in.
create login [<servername>]
    with password = '...';
alter login [<servername>]
    disable;
create user [<servername>]
    for login [<servername>];

-- Import the server's public certificate and make the new user its owner.
-- The file comes from a network share: before trusting it, compare the
-- certificate's thumbprint with the value obtained from the server out of band.
create certificate [<servername>]
    authorization [<servername>]
    from file = '\\someshare\<servername>.cer';

-- Authorize <servername> to connect on the broker endpoint.
-- CONNECT on this one endpoint is the only permission the identity receives.
grant connect
    on endpoint::broker
    to [<servername>];
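---------------------------------------
-- connect to the server
---------------------------------------
-- Added: this is a new connection, so select master explicitly. The peer's
-- certificate and its owning user must be in master for endpoint authentication;
-- run in another default database, the objects would be created in the wrong place.
use master;
go

-- Create an identity for client and import the client's certificate.
-- The login exists only to own the certificate and hold the endpoint permission,
-- so it is disabled straight away and cannot be used to sign in.
create login [<clientname>] with password = '...';
alter login [<clientname>] disable;
create user [<clientname>];

-- The file comes from a network share: before trusting it, compare the
-- certificate's thumbprint with the value obtained from the client out of band.
create certificate [<clientname>]
    authorization [<clientname>]
    from file = '\\someshare\<clientname>.cer';

-- Authorize <clientname> to connect on the broker endpoint.
-- CONNECT on this one endpoint is the only permission the identity receives.
grant connect on endpoint::broker to [<clientname>];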