O SQL Server Service Broker tem uma conversa na qual, pelo menos, um ponto de extremidade foi definido para usar a criptografia RC4 e o servidor está definido para o modo de conformidade FIPS. Não há suporte para a criptografia RC4 durante a execução no modo de conformidade FIPS.
A configuração de segurança local é Criptografia de sistema: usar algoritmos compatíveis com FIPS para criptografia, hash e assinatura. Essa mensagem está gravada no log de aplicativo do Windows com a ID de evento 28078 do MSSQLSERVER.
Use ALTER ENDPOINT para especificar um algoritmo para o qual há suporte.
Para obter mais informações, consulte os tópicos sobre ALTER ENDPOINT (Transact-SQL) nos Manuais Online do Microsoft SQL Server 2005.
| Target | Microsoft.SQLServer.2005.DBEngine | ||
| Category | EventCollection | ||
| Enabled | True | ||
| Event_ID | 28078 | ||
| Event Source | $Target/Property[Type="SQL!Microsoft.SQLServer.DBEngine"]/ServiceName$ | ||
| Alert Generate | True | ||
| Alert Severity | Error | ||
| Alert Priority | Normal | ||
| Remotable | True | ||
| Alert Message |
| ||
| Event Log | Application | ||
| Comment | Mom2005ID='{945A6297-4BF8-4948-9920-5489E951CF28}';MOM2005GroupID={467ECC75-C5DA-42BD-955C-A73BBB51AF74} |
| ID | Module Type | TypeId | RunAs |
|---|---|---|---|
| _F6DA1507_12AF_11D3_AB21_00A0C98620CE_ | DataSource | Microsoft.Windows.EventProvider | Microsoft.SQLServer.SQLDefaultAccount |
| GenerateAlert | WriteAction | System.Health.GenerateAlert | Default |
Home
PTB <Rule ID="Microsoft.SQLServer.2005.SQL_Server_Service_Broker_cannot_use_RC4_encryption_algorithm_when_running_in_FIPS_compliance_mode_5_Rule" Target="SQL2005Core!Microsoft.SQLServer.2005.DBEngine" Enabled="true" ConfirmDelivery="true" Remotable="true" Comment="Mom2005ID='{945A6297-4BF8-4948-9920-5489E951CF28}';MOM2005GroupID={467ECC75-C5DA-42BD-955C-A73BBB51AF74}">
<Category>EventCollection</Category>
<DataSources>
<DataSource ID="_F6DA1507_12AF_11D3_AB21_00A0C98620CE_" Comment="{F6DA1507-12AF-11D3-AB21-00A0C98620CE}" TypeID="Windows!Microsoft.Windows.EventProvider" RunAs="SQL!Microsoft.SQLServer.SQLDefaultAccount">
<ComputerName>$Target/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/NetworkName$</ComputerName>
<LogName>Application</LogName>
<Expression>
<And>
<Expression>
<SimpleExpression>
<ValueExpression>
<XPathQuery>EventDisplayNumber</XPathQuery>
</ValueExpression>
<Operator>Equal</Operator>
<ValueExpression>
<Value>28078</Value>
</ValueExpression>
</SimpleExpression>
</Expression>
<Expression>
<SimpleExpression>
<ValueExpression>
<XPathQuery>PublisherName</XPathQuery>
</ValueExpression>
<Operator>Equal</Operator>
<ValueExpression>
<Value>$Target/Property[Type="SQL!Microsoft.SQLServer.DBEngine"]/ServiceName$</Value>
</ValueExpression>
</SimpleExpression>
</Expression>
</And>
</Expression>
</DataSource>
</DataSources>
<WriteActions>
<WriteAction ID="GenerateAlert" TypeID="SystemHealth!System.Health.GenerateAlert">
<Priority>1</Priority>
<Severity>2</Severity>
<AlertMessageId>$MPElement[Name="Microsoft.SQLServer.2005.SQL_Server_Service_Broker_cannot_use_RC4_encryption_algorithm_when_running_in_FIPS_compliance_mode_5_Rule.AlertMessage"]$</AlertMessageId>
<AlertParameters>
<AlertParameter1>$Data/EventDescription$</AlertParameter1>
</AlertParameters>
<Suppression>
<SuppressionValue/>
</Suppression>
</WriteAction>
</WriteActions>
</Rule>