How to validate SQL Server traffic is encrypted?

Question

I need to prove that the encryption settings we have in our app\'s connection string are working.

What would be the simplest way to validate that traffic from our web

Answer 1

You check the encrypt_option column of the sys.dm_exec_connections DMV. This way you can no only prove that is encrypted, but you can also validate in your application at start up time. To enforce the encryption you follow the methods described in this MSDN How To: Enable Encrypted Connections to the Database Engine. If either the client or the server forces encryption and a certificate is provided and the client accepts the server certificate, the connection will be encrypted. To validate that the traffic is encrypted you can use the built-in netmon.exe tool (must be installed from ad/remove system components), download the improved Microsoft Network Monitor 3.2 or other third party tools.

As an alternative the deployment site can enforce IPSec encryption.