How to choose what rootcert.cer to use ? (SSL/SQLCE)

  • Thread starter Thread starter garfitz
  • Start date Start date
G

garfitz

Hi,

In getting SQL to SQLCE Replication working I went ahead and installed
Certification Authority & generated my own rootcert.cer and all is
well.

Question is though, would it be easier to use a "trusted certificate"
(Verisign etc.)

I'm not sure how they work (Implied trust!) or are implemented on
server side and what the benefits over creating your own are ?

Anyone know ?
 
Hi Garrett,

It depends on your scenario. The "trusted certificates", such as Verisign
are included in the PocketPC OS, so you will not need to deploy and install
a root when using these. This is a good solution if you are planning to
ship a consumer application.

I've searched for a best practice guideline, but this was the best I found:

http://www.microsoft.com/technet/treeview/default.asp?url=/technet/prodtechn
ol/windowsserver2003/proddocs/standard/sag_SEconceptsPKI.asp

Kevin Boske
([email protected])
SQL Server CE Team
Microsoft
----------------------------------------------------------------------------
----------------------------------------
Everything you need to know about SQL Server CE:

http://www.microsoft.com/sql/ce/techinfo/default.asp
----------------------------------------------------------------------------
----------------------------------------
This posting is provided "AS IS" with no warranties, and confers no rights.
Use of included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm.
----------------------------------------------------------------------------
----------------------------------------
--------------------
From: (e-mail address removed) (garfitz)
Newsgroups: microsoft.public.dotnet.framework.compactframework
Subject: How to choose what rootcert.cer to use ? (SSL/SQLCE)
Date: 12 Jan 2004 12:45:48 -0800
Organization: http://groups.google.com
Lines: 13
Message-ID: <[email protected]>
NNTP-Posting-Host: 213.202.167.2
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 8bit
X-Trace: posting.google.com 1073940348 1613 127.0.0.1 (12 Jan 2004 20:45:48
GMT)
X-Complaints-To: (e-mail address removed)
NNTP-Posting-Date: Mon, 12 Jan 2004 20:45:48 +0000 (UTC)
Path:
cpmsftngxa07.phx.gbl!cpmsftngxa06.phx.gbl!cpmsftngxa09.phx.gbl!TK2MSFTNGP08.
phx.gbl!newsfeed00.sul.t-online.de!newsfeed01.sul.t-online.de!t-online.de!fu
-berlin.de!postnews2.google.com!not-for-mail
Xref: cpmsftngxa07.phx.gbl
microsoft.public.dotnet.framework.compactframework:42811
X-Tomcat-NG: microsoft.public.dotnet.framework.compactframework

Hi,

In getting SQL to SQLCE Replication working I went ahead and installed
Certification Authority & generated my own rootcert.cer and all is
well.

Question is though, would it be easier to use a "trusted certificate"
(Verisign etc.)

I'm not sure how they work (Implied trust!) or are implemented on
server side and what the benefits over creating your own are ?

Anyone know ?
 
Back
Top