您可以非常轻松地配置SSL,如果您没有受信任的证书,如果您强制加密,sql Server可以创建/发布它自己的自签名证书供您使用… from this write-up

Credentials (in the login packet) that are transmitted when a client application connects to sql Server are always encrypted. sql Server will use a certificate from a trusted certification authority if available. If a trusted certificate is not installed,sql Server will generate a self-signed certificate when the instance is started,and use the self-signed certificate to encrypt the credentials. This self-signed certificate helps increase security but it does not provide protection against identity spoofing by the server. If the self-signed certificate is used,and the value of the ForceEncryption option is set to Yes,all data transmitted across a network between sql Server and the client application will be encrypted using the self-signed certificate