RE: SQL Encryption - Create Certificate

SSCrazy

Points: 2770

August 8, 2014 at 9:57 am

So to Clarify, I should be creating a new certificate 1st, Taking a backup, then If I need to replicate on other servers use the back up and that this has absolutely nothing to do with the Certificates that I installed through MMC.

CREATE CERTIFICATE NameOfCert AUTHORIZATION [dbo]

WITH SUBJECT= 'UserName'

,START_DATE= '2014-01-01'

,EXPIRY_DATE= '2015-01-01'

BACKUP CERTIFICATE [NameOfCert ] TO

FILE = 'E:\PATH\NameOfCert .cer'

WITH PRIVATE KEY(

FILE = 'E:\PATH\MyNewCert.pky'

,ENCRYPTION BY PASSWORD = 'P@$$w0rdt0EncryptCertb@ckup')

--SEPARTATE SCRIPT TO INSTALL\RESTORE on new server

CREATE CERTIFICATE [MyNewCert] AUTHORIZATION [dbo]

FROM FILE = 'E:\PATH\NameOfCert .cer'

WITH PRIVATE KEY (

DECRYPTION BY PASSWORD = 'P@$$w0rdt0EncryptCertb@ckup'

, FILE = 'E:\PATH\MyNewCert.pky'

)

Do I ever need to use?

CREATE SYMMETRIC KEY <'key name'>

WITH ALGORITHM = AES_256

ENCRYPTION BY <'certificate name'>