/Kilimanjaro_Trunk/Security/Transport/Scripts/1 - Target endpoint setup.sql
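--------------------------------------------------------------------
-- Script for transport security sample.
--
-- This file is part of the Microsoft SQL Server Code Samples.
-- Copyright (C) Microsoft Corporation. All Rights reserved.
-- This source code is intended only as a supplement to Microsoft
-- Development Tools and/or on-line documentation. See these other
-- materials for detailed information regarding Microsoft code samples.
--
-- THIS CODE AND INFORMATION ARE PROVIDED "AS IS" WITHOUT WARRANTY OF
-- ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO
-- THE IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS FOR A
-- PARTICULAR PURPOSE.
--------------------------------------------------------------------

-- This script sets up the target broker endpoint for transport
-- certificate-based security.
-- Modify the location of the certificate in the script to suit your configuration.
--
-- Order of operations:
--   1. Ensure master has a database master key (protects the certificate's private key).
--   2. Drop any endpoint and certificate left over from a previous run.
--   3. Create the transport certificate and export its public part to a file.
--   4. Create the Service Broker endpoint that authenticates with that certificate.

USE master;
GO

-- A master key is required to use certificates.
-- NOTE(review): the password below is a sample value that is published with
-- this script. Replace it with a unique, strong password before running the
-- script anywhere other than a disposable development instance; anyone who
-- knows it and obtains a copy of master can open the master key and the
-- private keys it protects.
BEGIN TRANSACTION;
IF NOT EXISTS (SELECT * FROM sys.symmetric_keys WHERE name = '##MS_DatabaseMasterKey##')
    CREATE MASTER KEY ENCRYPTION BY PASSWORD = 'Password#123';
COMMIT;
GO

-- Drop the endpoint from a previous run first. A certificate that is still
-- bound to an endpoint cannot be dropped, so the endpoint has to go before
-- the certificate does or a re-run keeps the old certificate.
IF EXISTS (SELECT * FROM sys.endpoints WHERE name = 'service_broker_endpoint')
    DROP ENDPOINT service_broker_endpoint;
GO

-- Create a certificate to authenticate the endpoint.
IF EXISTS (SELECT * FROM sys.certificates WHERE name = 'target_transport_cert')
    DROP CERTIFICATE target_transport_cert;
GO

-- No START_DATE / EXPIRY_DATE is given, so the server's default validity
-- period applies; plan to re-issue and re-exchange the certificate before it
-- expires.
CREATE CERTIFICATE target_transport_cert
    WITH SUBJECT = 'Service broker transport authentication for target';
GO

-- Backup to a file to allow the certificate to be given to the initiator.
-- Only the public certificate is written (there is no WITH PRIVATE KEY
-- clause), which is all the initiator needs; the private key stays on this
-- server. BACKUP CERTIFICATE does not overwrite an existing file, so remove
-- the file left by a previous run before re-running the script.
BACKUP CERTIFICATE target_transport_cert
    TO FILE = 'c:\target_transport.cert';
GO

-- Create the broker endpoint using the certificate for authentication.
-- NOTE(review): ENCRYPTION is not specified, so the endpoint uses the
-- server's default setting and algorithm, which differ between SQL Server
-- versions. Outside this sample, state the setting explicitly on both
-- endpoints (for example ENCRYPTION = REQUIRED ALGORITHM AES) and restrict
-- access to the listener port to the partner server.
CREATE ENDPOINT service_broker_endpoint
    STATE = STARTED
    AS TCP (LISTENER_PORT = 4022)
    FOR SERVICE_BROKER (AUTHENTICATION = CERTIFICATE target_transport_cert);
GO

----------EXCHANGE CERTIFICATES BEFORE PROCEEDING---------------
-- The initiator and target certificates must be exchanged in order for them to
-- authenticate each other. In a production system, this "out of band" exchange
-- should be done with a high level of trust, since a certificate bearer will be
-- able to begin dialogs and send messages to service broker services in the
-- authenticating server. However, assuming the sample is being used on a development
-- system, the exchange may be simple remote copies.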