Powered by Zoomin Software. For more details please contactZoomin

DataDirect Connect for ADO.NET Data Provider Help

Table of Contents

Data Encryption

Save PDF
Save selected topicSave selected topic and subtopicsSave all topics
Share
Share to emailCopy topic URL
Print
  • Last Updated: April 16, 2026
  • 2 minute read
    • ADO.NET
    • Documentation

The SQL Server data provider supports SSL encryption for the following databases:

  • Microsoft SQL Server 2008
  • Microsoft SQL Server 2005
  • Microsoft SQL Server 2000 or higher
  • Microsoft SQL Server 2000 Enterprise Edition (64-bit) or higher

SSL secures the integrity of your data by encrypting information and providing authentication. See Data Encryption Across the Network for an overview.

Depending on your Microsoft SQL Server configuration, you can choose to encrypt all data, including the login request, or encrypt the login request only. Encrypting login requests, but not data, is useful for the following scenarios:

  • When your application needs security, but cannot afford to pay the performance penalty for encrypting data transferred between the data provider and server.
  • Microsoft SQL Server 2005 or Microsoft SQL Server 2008. When the server is not configured for SSL, but your application still requires a minimum degree of security.

Note: When SSL is enabled, the data provider communicates with database protocol packets set by the server’s default packet size. Any value set by the Packet Size connection string option is ignored.

Using SSL with Microsoft SQL Server

If your Microsoft SQL Server database server has been configured with an SSL certificate signed by a trusted CA, the server can be configured so that SSL encryption is either optional or required. When required, connections from clients that do support SSL encryption fail.

Although a signed trusted SSL certificate is recommended for the best degree of security, Microsoft SQL Server 2005 and higher can provide limited security protection even if an SSL certificate has not been configured on the server. If a trusted certificate is not installed, the server will use a self-signed certificate to encrypt the login request, but not the data.

The following table shows how the different Encryption Method connection string option values behave with different Microsoft SQL Server configurations.

Encryption Method Connection String Option and Microsoft SQL Server Configurations

Value No SSL Certificate SSL Certificate
SSL Optional SSL Required
NoEncryption Login request and data are not encrypted. Login request and data are not encrypted. Connection attempt fails.
SSL Connection attempt fails. Login request and data are encrypted. Login request and data are encrypted.
LoginSSL Microsoft SQL Server 2005 and higher: Login request is encrypted, but data is not encrypted
Microsoft SQL Server 2000: Connection attempt fails.		 Login request is encrypted, but data is not encrypted. Login request and data are encrypted.

Configuring SSL Encryption

  1. Choose the type of encryption for your application:
    • If you want the data provider to encrypt all data, including the login request, set the Encryption Method connection string option to SSL.
    • If you want the data provider to encrypt only the login request, set the Encryption Method connection string option to LoginSSL.
  2. To validate certificates sent by the database server, set the Validate Server Certificate connection string option to True.
  3. Optionally, set the Host Name In Certificate connection string option to a host name to be used to validate the certificate. The Host Name In Certificate connection string option provides additional security against man-in-the-middle (MITM) attacks by ensuring that the server the data provider is connecting to is the server that was requested.
TitleResults for “How to create a CRG?”Also Available inAlert