ASP .Net Web API Connection to SQL Azure

Question

Hi,

I am implementing  APS .Net Web API integration with SQL Azure database. Since SQL Azure only alows standard security. Per the link http://msdn.microsoft.com/en-us/library/azure/ee621781.aspx the password is in the connection string. Is this the recommended way or are there more secure ways to go about it?

thanks

Answer 1

Hello!

Thanks for reaching out here.

We're investing into this question. Shall update this thread with our comments, at the earliest.

Thanks again,

Arvind

Answer 2

Hi,

Yes, that is the recommended way.

SQL Azure transfers data using tabular data stream (TDS) over an SSL connection. SQL Azure doesn’t support unencrypted connections, and has a signed certificate issued by a Certificate Authority. These factors all help ensure secure data transmission and can help prevent man-in-the-middle attacks

To validate certificates with ADO.NET application code, set Encrypt=True andTrustServerCertificate=False in the database connection string.

Reference :  http://technet.microsoft.com/en-us/magazine/hh351833.aspx

Regards,

Mekh.