如何保护Vb6应用程序与mssql服务器之间的连接?

时间:2019-02-27 10:08:08

标签: sql-server vb6 ado

我正在使用sqloledb提供程序和activex数据对象连接到mssql数据库的旧版应用程序。现在,我需要对应用程序和服务器之间的连接进行加密,而无需在sql server中使用强制加密选项。

我已在sql服务器实例中安装了自签名证书,并尝试将Encrypt=trueTrustservercertificate=true放在连接字符串中。但是连接未加密。

我尝试将ODBC提供程序与ADO一起使用,并且在使用encrypt=truetrustservercertificate=true时遇到了SSL安全错误,该错误打开了连接。

请让我知道如何使用ADO 2.8库建立安全连接。

Private Sub Command1_Click()
    Dim sConnectionString As String
    Dim strSQLStmt As String

     '-- Build the connection string
     'sConnectionString = "UID=userid;PWD=password;Initial Catalog=EHSC_SYM_Kings_Development;Server=EHILP-257\MIB14;Provider=MSOLEDBSQL;Encrypt=YES;trustServerCertificate=YES"
     'sConnectionString = "Provider=sqloledb;Data Source=192.168.27.91\MIB14;Initial Catalog=EHSC_SYM_Kings_Development;User Id=userid;Password=password;Encrypt=YES;trustServerCertificate=YES"
     'sConnectionString = "driver={SQL Server};server=192.168.27.91\MIB14;user id=userid;password=password;Initial Catalog=EHSC_SYM_Kings_Development;Encrypt=Yes;trustServerCertificate=True"
     sConnectionString = "Provider=SQLNCLI11;Server=192.168.27.91\MIB14;Database=EHSC_SYM_Kings_Development;Uid=userid;Pwd=password;Encrypt=yes;trustServerCertificate=True"

     strSQLStmt = "select * from dbo.patient where pat_pid = '1001'"

    'DB WORK
    Dim db As New ADODB.Connection
    Dim cmd As New ADODB.Command
    Dim rs As New ADODB.Recordset
    Dim result As String

    db.ConnectionString = sConnectionString
    db.Open 'open connection

    With cmd
      .ActiveConnection = db
      .CommandText = strSQLStmt
      .CommandType = adCmdText
    End With

    With rs
      .CursorType = adOpenStatic
      .CursorLocation = adUseClient
      .LockType = adLockOptimistic
      .Open cmd
    End With

    If rs.EOF = False Then
        rs.MoveFirst
        Let result = rs.Fields(0)
    End If
    'close conns
    rs.Close
    db.Close
    Set db = Nothing
    Set cmd = Nothing
    Set rs = Nothing
End Sub

2 个答案:

答案 0 :(得分:0)

谢谢大家的建议,我终于设法通过将驱动程序更改为sqlserver本机客户端11(ODBC)来使连接安全。看来sqloledb不支持tls。将驱动程序更改为ODBC似乎并没有太大改变。我的其余代码可以正常工作,无需进行任何更改

sConnectionString = "Driver={SQL Server Native Client 11.0};Server=192.168.27.91\MIB14;Database=EHSC_SYM_Kings_Development;user id=Fymphony;password=FEzp[HnR;Encrypt=yes;TrustServerCertificate=yes"

答案 1 :(得分:0)

我自己经历了这个。

对于您的原始连接字符串,您要查找的关键字是 not (不是),就像大多数Internet会让您相信的那样,它是“ Encrypt = true”或“ Encrypt = yes”。这是“对数据使用加密= true”。

因此您的连接字符串变为:

sConnectionString = "Provider=SQLNCLI11;Server=192.168.27.91\MIB14;Database=EHSC_SYM_Kings_Development;Uid=userid;Pwd=password;Use Encryption for Data=true;trustServerCertificate=True"

trustservercertificate = true仅用于使用自签名证书进行测试...并使自己遭受中间人攻击;)

作为参考,已对此进行了测试: VB6通过ADODB使用SQLNCLI11提供程序连接到SQL Server 2016。

相关问题
最新问题