Microsoft SQL Server Management Studio (SSMS)
Microsoft Cryptographic Next Generation (CNG) Provider enables the use of CipherTrust Key Management Server (KMS) devices for storage of keys and cryptographic operations such as key creation, deletion, encryption, decryption, and so on. This is a more secure solution because the encryption keys do not reside with encryption data. Data can be encrypted by using encryption keys that only the database user has access to.
This document provides a low-level detail of how the CipherTrust KMS can be integrated with Microsoft CNG Provider. You must have basic knowledge of using Microsoft CNG Provider and CipherTrust KMS concepts to make full use of the recommendations in this document.
Supported Product Versions
This integration is validated on the following operating system variants:
Windows
Windows Server 2012 R2
Windows Server 2016
CipherTrust Manager
- CipherTrust Manager 2.8 and higher
ProtectApp Microsoft CNG Provider
8.10.0 64 bit
8.10.0 32 bit
SQL Server
- 2016 and above
SQL Server Management Studio
- Up to 18.6
Prerequisites
Ensure that the CipherTrust Manager is installed and configured. For more details, refer to the CipherTrust Manager Documentation.
SSMS communicates with the CipherTrust Manager using the Network Attached Encryption (NAE)-XML Interface. Ensure that the NAE-XML interface is configured. For more details, refer to the CipherTrust Manager Documentation.
Ensure that the port configured on NAE-XML interface is accessible from the SSMS machine.
Ensure Setting up SSL.
Ensure that the SQL Server is installed on the target machine. For more details, refer to the Microsoft documentation.
Ensure that the SQL Server Management Studio is installed on the target machine. For more details, refer to the Microsoft documentation.
Steps For The Integration
To integrate SSMS with the CipherTrust Manager: