We have some encrypted TDS traffic (MS SQL) that we want to decrypt with an AMD. However, the DBA's say there is no RSA private key in PEM format they can provide. They say it is using symmetric key. Below is what I found on MSDN.
SQL Server uses encryption keys to help secure data, credentials, and connection information that is stored in a server database. SQL Server has two kinds of keys: symmetric and asymmetric. Symmetric keys use the same password to encrypt and decrypt data. Asymmetric keys use one password to encrypt data (called the public key) and another to decrypt data (called the private key).Does anyone know how to get a key that the AMD can use to decrypt this kind of traffic?
According to our knowledge MS SQL connections are always encrypted using SSL with asymmetric keys. Please try to export your certificate with private key using the following query:
After exporting make sure that the key is in PEM format. If not, you will have to convert it to PEM using openssl.
We do not have knowledge about connection encryption using symmetric keys. If this is your case, please create a support ticket so that we can investigate it further. Attach a tcpdump file with encrypted TDS traffic and your AMD configuration.