December 9, 2009 at 2:57 am
I am trying to do the following:-
Create a certificate
Backup a certificate to a file
send the file to a third party
Have them create a certificate from it.
I get the following error:-
Msg 15468, Level 16, State 1, Line 1
An error occurred during the generation of the certificate.
When I do this on different servers within our domain it works fine. I can encrypt data and not decrypt. But where i created the certificate I can do both. As soon as I try to do it on an outside server it fails.
Any ideas?
thanks
December 9, 2009 at 7:03 am
Can you post the code you are using?
Jack Corbett
Consultant - Straight Path Solutions
Check out these links on how to get faster and more accurate answers:
Forum Etiquette: How to post data/code on a forum to get the best help
Need an Answer? Actually, No ... You Need a Question
December 9, 2009 at 8:15 am
on my server:
CREATE CERTIFICATE Test2009
ENCRYPTION BY PASSWORD = 'pGFD4bb925DGvbd2439587y'
WITH SUBJECT = 'Protect North West',
EXPIRY_DATE = '01/01/2010';
BACKUP CERTIFICATE Test2009 TO FILE = 'Test2009.txt'
on third party server
CREATE CERTIFICATE Test2009
FROM FILE = 'Test2009.txt' --using full path
this last piece of code errors on third party server but works on a different server within my domian
December 9, 2009 at 8:25 am
I believe you need to use a private key file to migrate the certificate that way. Here's a blog post I wrote about using certificates to sign stored procedures where I found that moving a certificate from one database to another user database required a private key file be created when backing up and restoring to the new database. Here's the basic syntax:
/*
Create the Certificate
*/
CREATE CERTIFICATE cert_access_other_db
ENCRYPTION BY PASSWORD = 'c3rtPa$$word'
WITH subject = 'Access Other DB'
GO
/*
Backup the certificate being sure to use a Private Key
*/
BACKUP CERTIFICATE cert_access_other_db TO FILE = 'C:\Certificates\cert_access_other_db.cer'
WITH PRIVATE KEY (FILE = 'C:\Certificates\cert_access_other_db.pvk' ,
ENCRYPTION BY PASSWORD = '3ncRyptKeyPa$$word',
DECRYPTION BY PASSWORD = 'c3rtPa$$word');
GO
/*
Create the certificate in the new database from the file
*/
CREATE CERTIFICATE cert_access_other_db FROM FILE = 'C:\Certificates\cert_access_other_db.cer'
WITH PRIVATE KEY (FILE = 'C:\Certificates\cert_access_other_db.pvk',
/*The password used to create the private key*/
DECRYPTION BY PASSWORD = '3ncRyptKeyPa$$word',
ENCRYPTION BY PASSWORD = 'D3cryptKeyPa$$word');
GO
Jack Corbett
Consultant - Straight Path Solutions
Check out these links on how to get faster and more accurate answers:
Forum Etiquette: How to post data/code on a forum to get the best help
Need an Answer? Actually, No ... You Need a Question
December 9, 2009 at 8:31 am
Thankls a lot for that Jack. I will let you know how I get on.
December 10, 2009 at 9:15 am
I still get the same error on the third party's server
December 10, 2009 at 11:01 am
Unfortunately that's all the help I can offer at this point. May be able to try it out later though.
Jack Corbett
Consultant - Straight Path Solutions
Check out these links on how to get faster and more accurate answers:
Forum Etiquette: How to post data/code on a forum to get the best help
Need an Answer? Actually, No ... You Need a Question
Viewing 7 posts - 1 through 6 (of 6 total)
You must be logged in to reply to this topic. Login to reply