PageRenderTime 29ms CodeModel.GetById 26ms app.highlight 2ms RepoModel.GetById 1ms app.codeStats 0ms

/Kilimanjaro_Trunk/Security/Transport/Scripts/1 - Target endpoint setup.sql

#
SQL | 65 lines | 24 code | 13 blank | 28 comment | 0 complexity | 8ff8f75ef3aab0ba652051ac3c6c7eaf MD5 | raw file
 1--------------------------------------------------------------------
 2-- Script for transport security sample.
 3--
 4-- This file is part of the Microsoft SQL Server Code Samples.
 5-- Copyright (C) Microsoft Corporation. All Rights reserved.
 6-- This source code is intended only as a supplement to Microsoft
 7-- Development Tools and/or on-line documentation. See these other
 8-- materials for detailed information regarding Microsoft code samples.
 9--
10-- THIS CODE AND INFORMATION ARE PROVIDED "AS IS" WITHOUT WARRANTY OF
11-- ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO
12-- THE IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS FOR A
13-- PARTICULAR PURPOSE.
14--------------------------------------------------------------------
15
16-- This script sets up a the target broker endpoint for transport
17-- certificate-based security.
18-- Modify the location of the certificate in script to suit configuration.
19
20USE master;
21GO
22
23-- A master key is required to use certificates.
24BEGIN TRANSACTION;
25IF NOT EXISTS (SELECT * FROM sys.symmetric_keys WHERE name = '##MS_DatabaseMasterKey##')
26	CREATE MASTER KEY ENCRYPTION BY PASSWORD ='Password#123'
27COMMIT;
28GO
29
30-- Create a certificate to authenticate the endpoint.
31IF EXISTS (SELECT * FROM sys.certificates WHERE name = 'target_transport_cert')
32	DROP CERTIFICATE target_transport_cert;
33GO
34
35CREATE CERTIFICATE target_transport_cert
36	WITH SUBJECT = 'Service broker transport authentication for target';
37GO
38
39-- Backup to a file to allow the certificate to be given to the initiator.
40BACKUP CERTIFICATE target_transport_cert
41	TO FILE = 'c:\target_transport.cert';
42GO
43
44-- Create the broker endpoint using the certificate for authentication.
45IF EXISTS (SELECT * FROM sys.endpoints WHERE name = 'service_broker_endpoint')
46	DROP ENDPOINT service_broker_endpoint;
47GO
48
49CREATE ENDPOINT service_broker_endpoint
50STATE = STARTED
51AS TCP (LISTENER_PORT = 4022)
52FOR SERVICE_BROKER (AUTHENTICATION = CERTIFICATE target_transport_cert);
53GO
54
55----------EXCHANGE CERTIFICATES BEFORE PROCEEDING---------------
56-- The initiator and target certificates must be exchanged in order for them to
57-- authenticate each other. In a production system, this "out of band" exchange
58-- should be done with a high level of trust, since a certificate bearer will be 
59-- able to begin dialogs and send messages to service broker services in the
60-- authenticating server. However, assuming the sample is being used on a development
61-- system, the exchange may be simple remote copies.
62
63
64
65