March 30, 2009 at 5:18 pm
We set our mirroring solution up a couple of years ago oblivious to the expiry_date option on the Create Certificate command. I rebooted the witness server yesterday after applying security updates and we started receiving login failures messages from the witness trying to connect to the mirror. The Principal and Mirror are still sync'd until either gets restarted.
I'm wondering if anyone could tell me what is the best process for creating and applying the new Cert with the least amount of DB downtime if any is required. I'm also concerned that if I break the mirror the wrong way I might have to go through setting it all up again from Primary backups which would be a major pain.
Thanks,
Chris
April 9, 2009 at 4:52 am
You cannot alter the expiration date of the existing ceritficates. You need to replace these certificates with new ones.
1. Create a new certificate on server1
2. Backup the public key of that new certificate
3. Restore the public key to server2. Make sure that this certificate is restored under the same owner as the old one.
4. Change the MIrroring Endpoint to use the new certificate by executing:
ALTER ENDPOINT endpointname FOR DATABASER_MIRRORING AUTHENTICATION = new certificate name
Execute the same steps on the other server as well.
[font="Verdana"]Markus Bohse[/font]
Viewing 2 posts - 1 through 2 (of 2 total)
You must be logged in to reply to this topic. Login to reply