Solved

VB Client Communicate with Remote SQL Server via SSL

Posted on 2001-06-05
7
194 Views
Last Modified: 2011-09-20
I am trying to figure out how I can use my existing VB client application (EXE) to post data to a remote SQL Server database using an Internet connection.  I definitely want to use SSL for encryption.

I read that I need to purchase a security certificate and use RDS but I haven't seen any examples or how-to documents.  I would like a set of generic step-by-step instructions for accomplishing this task.  Sample VB code would also be nice.

TIA!
0
Comment
Question by:imayooper2
7 Comments
 
LVL 5

Accepted Solution

by:
AndrewDev earned 200 total points
Comment Utility
Using ADO you can establish a session to a server across an internet connection using the servers TCP/IP address as follows:

'Establishing DSNless Connection
strConn "PROVIDER=SQLOLEDB;SERVER=192.168.0.5;uid=xxx;pwd=xxx;database=xxx;"
Set dbConn = CreateObject("ADODB.Connection")
dbConn.Open strConn
Set rs = dbConn.execute(strSQLQuery)

This ADO utilities class may be of use to you
http://www.freevbcode.com/ShowCode.Asp?ID=1150

I am still investigating the certificate issue you raised but the above code will connect you to a remote SQL database

Regards
Andrew

0
 
LVL 1

Expert Comment

by:dalexis
Comment Utility
If you can't use SSL, you'd want to secure the traffic between the client app and SQL Server by setting SQL Server to only use the "Multi-protocol with encryption" network library, rather than the TCP/IP library.  This works over IP connections, and encrypts all communications to and from the server.

Exposing your SQL Server to the world by allowing direct connections over the Internet is something you want to avoid.  A better solution would be to implement a server-side component that encapsulates all access to the database, so that the client app *never* connects directly to the database.  The component can be secured by running within MTS or COM+ under an account that has rights to connect to the SQL Server.  It can even be run totally inside the firewall for even better security.

You can still use ADO on the client to manage datausing disconnected recordsets.

- David Alexis
0
 
LVL 4

Expert Comment

by:vindevogel
Comment Utility
what we do is this :

Develop an ActiveX component, running on the server that can update the database.

In your object, you can use plain ADO, compiled, so no worries there.

The pages call this object and pass data to it using PostForm. (better than request object)

Your SSL is guaranteed.
0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 

Author Comment

by:imayooper2
Comment Utility
vindevogel,

Are you refering to ASP pages in your solution?  I'm stuck with a vb client app, not a web app.  If you are talking about a client app, how do I utilize the https protocol to call the activex object using PostForm?

Let me know if I misunderstood your comment.
0
 
LVL 4

Expert Comment

by:vindevogel
Comment Utility
No, we're using ASP pages .... sorry.
0
 
LVL 49

Expert Comment

by:DanRollins
Comment Utility
Hi imayooper2,
It appears that you have forgotten this question. I will ask Community Support to close it unless you finalize it within 7 days. I will suggest to:

    Accept AndrewDev's comment(s) as an answer.

imayooper2, if you think your question was not answered at all or if you need help, you can simply post a new comment here.  Community Support moderators will follow up.

EXPERTS: If you disagree with my recommendation, please post an explanatory comment.
==========
DanRollins -- EE database cleanup volunteer
0
 
LVL 1

Expert Comment

by:Computer101
Comment Utility
Comment from expert accepted as answer

Computer101
E-E Moderator
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

When trying to find the cause of a problem in VBA or VB6 it's often valuable to know what procedures were executed prior to the error. You can use the Call Stack for that but it is often inadequate because it may show procedures you aren't intereste…
Most everyone who has done any programming in VB6 knows that you can do something in code like Debug.Print MyVar and that when the program runs from the IDE, the value of MyVar will be displayed in the Immediate Window. Less well known is Debug.Asse…
Get people started with the utilization of class modules. Class modules can be a powerful tool in Microsoft Access. They allow you to create self-contained objects that encapsulate functionality. They can easily hide the complexity of a process from…
Show developers how to use a criteria form to limit the data that appears on an Access report. It is a common requirement that users can specify the criteria for a report at runtime. The easiest way to accomplish this is using a criteria form that a…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now