0

是否可以在 SQL Server 2008 Service Broker 中创建一个端点,支持基于证书的身份验证并使用域帐户进行授权?

例如

CREATE ENDPOINT ServiceBrokerEndpoint

AUTHORIZATION [domain\username]

STATE=STARTED AS TCP (LISTENER_PORT = 4022, LISTENER_IP = ALL)

FOR SERVICE_BROKER (MESSAGE_FORWARDING = DISABLED, MESSAGE_FORWARD_SIZE = 10, AUTHENTICATION = CERTIFICATE [CertificateName], ENCRYPTION = SUPPORTED ALGORITHM RC4)
4

1 回答 1

2

尝试这个

-------------------------------------
-- connect to server
-------------------------------------
use master;
go
create master key encryption by password = '...';
create certificate [<servername>]
  with subject = '<servername>'
  , start_date = '20100216'
  , expiry_date = '20150216';

create endpoint broker 
state = started
as tcp (listenner_port = 4022)
for service_broker (authentication = certificate [<servername>]);

-- Export the public key to disk
backup certificate [<servername>]
to file = '\\someshare\<servername>.cer';

--------------------------------
-- connect to client
--------------------------------
use master;
go
create master key encryption by password = '...';
create certificate [<clientname>]
  with subject = '<clientname>'
  , start_date = '20100216'
  , expiry_date = '20150216';

create endpoint broker 
state = started
as tcp (listenner_port = 4022)
for service_broker (authentication = certificate [<clientname>]);

-- Export the public key to disk
backup certificate [<clientname>]
to file = '\\someshare\<clientname>.cer';

--create an identity for server and import the server's certificate:
create login [<servername>] with password = '...';
alter login [<servername>] disable;
create user [<servername>];

create certificate [<servername>]
  authorization [<servername>]
  from file = '\\someshare\<servername>.cer';

--authorize <servername> to connect on the broker endpoint 
grant connect on endpoint::broker to [<servername>];

---------------------------------------
-- connect to the server
---------------------------------------

--create an identity for client and import the client's certificate:
create login [<clientname>] with password = '...';
alter login [<clientname>] disable;
create user [<clientname>];

create certificate [<clientname>]
  authorization [<clientname>]
  from file = '\\someshare\<clientname>.cer';

--authorize <clientname> to connect on the broker endpoint 
grant connect on endpoint::broker to [<clientname>];
于 2012-07-11T12:29:35.473 回答