Certificates

Certificates are another tool for encrypting data.
A certificate uses a public key and a private key to encrypt data.
Certificates can be backed up and restored.
One database can have many certificates.

Create Certificates
“SUBJECT” is the subject name of the certificate.
According to X.509, the subject name stores the name of the person or entity to whom the certificate is being issued.
However, it is useless in MS SQL Server, so we can use it as a description of the certificate.
Its maximum length is 128 characters.
START_DATE is the date and time at which the certificate becomes valid (YYYYMMDD HH:MM:SS).
EXPIRY_DATE is the date and time at which the certificate becomes invalid (YYYYMMDD HH:MM:SS).
An expired certificate has no effect on the encryption of data.

Backup Certificates
If the certificate is protected by a password, you need to add “DECRYPTION BY PASSWORD” with the password.

Restore Certificates
Use CREATE CERTIFICATE from the backup file to restore the certificate.

DROP Certificates

Change the protection of private key from password to DMK

Change the protection of private key from DMK to password

Change the password of private key protection
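The operations listed under the headings above, from creating a certificate through to changing the private key password, shown as one T-SQL sequence; this is an added example, not code from the original post. The certificate name DemoCert, the file paths and the bracketed passwords are placeholders chosen for illustration and must be replaced.

```sql
-- Added example; DemoCert, the paths and the <...> passwords are placeholders.
-- A database master key (DMK) must exist before a private key can be protected by it.
IF NOT EXISTS (SELECT 1 FROM sys.symmetric_keys WHERE name = '##MS_DatabaseMasterKey##')
    CREATE MASTER KEY ENCRYPTION BY PASSWORD = '<dmk_password>';

-- Create: private key protected by a password, SUBJECT used as a description.
CREATE CERTIFICATE DemoCert
    ENCRYPTION BY PASSWORD = '<cert_password>'
    WITH SUBJECT = 'Demo certificate for data encryption',
         START_DATE = '20240101 00:00:00',
         EXPIRY_DATE = '20291231 23:59:59';

-- Backup: DECRYPTION BY PASSWORD is needed because the private key is
-- password-protected; ENCRYPTION BY PASSWORD protects the exported key file.
BACKUP CERTIFICATE DemoCert
    TO FILE = 'C:\Backup\DemoCert.cer'
    WITH PRIVATE KEY (
        FILE = 'C:\Backup\DemoCert.pvk',
        ENCRYPTION BY PASSWORD = '<backup_file_password>',
        DECRYPTION BY PASSWORD = '<cert_password>');

-- Drop, then restore from the backup files.
DROP CERTIFICATE DemoCert;

CREATE CERTIFICATE DemoCert
    FROM FILE = 'C:\Backup\DemoCert.cer'
    WITH PRIVATE KEY (
        FILE = 'C:\Backup\DemoCert.pvk',
        DECRYPTION BY PASSWORD = '<backup_file_password>',
        ENCRYPTION BY PASSWORD = '<cert_password>');

-- Private key protection: password -> DMK.
ALTER CERTIFICATE DemoCert
    WITH PRIVATE KEY (DECRYPTION BY PASSWORD = '<cert_password>');

-- Private key protection: DMK -> password.
ALTER CERTIFICATE DemoCert
    WITH PRIVATE KEY (ENCRYPTION BY PASSWORD = '<cert_password>');

-- Change the password that protects the private key.
ALTER CERTIFICATE DemoCert
    WITH PRIVATE KEY (
        DECRYPTION BY PASSWORD = '<cert_password>',
        ENCRYPTION BY PASSWORD = '<new_cert_password>');

-- Check the validity dates and how the private key is currently protected.
SELECT name, subject, start_date, expiry_date, pvt_key_encryption_type_desc
FROM sys.certificates
WHERE name = 'DemoCert';
```

Store the .pvk file and its password separately from the database backups, since together they are enough to recreate the certificate on another server.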

Author: Joe Chan