Database Administrators Stack Exchange
Database Administrators Stack Exchange

Questions tagged [certificate]

A container for a private and public key pair that includes additional meta-data / properties. Certificates are typically used for encryption as well as generating and validating signatures (e.g. module signing, message verification, etc).

100 questions
21
votes
2 answers

The certificate chain was issued by an authority that is not trusted

some time ago I installed SQL server 2016 developer edition on a windows 10 home edition environment (a laptop to be precise) and everything was fine. then someone - an administrator on the box - decided without telling me, to rename said box. after…
Marcello Miorelli
  • 17,274
  • 53
  • 180
  • 320
12
votes
1 answer

Permissions in triggers when using cross database certificates

I use cross database certificates (as explained by Erland Sommarskog) to control access to a certain database in my environment ( SQL Server 2008 R2 ). I have stored procedures in database A that update tables in database B. This has always…
Dave.Gugg
  • 331
  • 2
  • 13
10
votes
2 answers

Error: "The certificate cannot be dropped because one or more entities are either signed or encrypted using it."

I have a certificate I would like to remove from the database. If I issue the command DROP CERTIFICATE I get the error The certificate cannot be dropped because one or more entities are either signed or encrypted using it According to…
Geoff Dawdy
  • 1,143
  • 7
  • 23
  • 53
7
votes
3 answers

Sharing certificates encryped by password between DBs and instances

Question: I am trying to create a single (self signed) certificate and deploy across many databases and instances. I create and backup the cert with: USE MASTER CREATE CERTIFICATE DavesCert ENCRYPTION BY PASSWORD ='S3creT!' WITH SUBJECT = 'The…
David Ames
  • 201
  • 1
  • 2
  • 4
7
votes
1 answer

Find signed procedures, functions, triggers, assemblies and by which certificates / asymmetric keys

I have created a few Certificates (via CREATE CERTIFICATE) and Asymmetric Keys (via CREATE ASYMMETRIC KEY) and used them to sign and counter-sign various SQL modules: Stored Procedures User-Defined Functions (UDFs) Triggers Assemblies Signing was…
Solomon Rutzky
  • 70,048
  • 8
  • 160
  • 306
6
votes
1 answer

Permissions issue in Docker SQL Server 2017 while restoring certificate

Docker SQL Server 2017 container @latest. Using master database. The error I am facing is the following: [S00019][15208] The certificate, asymmetric key, or private key file is not valid or does not exist; or you do not have permissions for it. The…
Chaim Eliyah
  • 123
  • 8
6
votes
1 answer

SQL Server certificate for backups: Does expiration date matter?

If I have a cert in SQL Server, used for backups: Can backups still be created after cert expires? Can restore still happen after cert expires? What is the point of having these certs expire? (other than to expose me to backups failing due to…
Jonesome Reinstate Monica
  • 3,489
  • 10
  • 40
  • 57
6
votes
1 answer

Stored procedure security with execute as, cross database queries, and module signing

I have a situation that, while I was able to work around it (as the repro will show), I don't understand. Here are the high points Two databases, ChainingSource and ChainDestination, both of which have cross database chaining set to true A stored…
Ben Thul
  • 1,957
  • 2
  • 15
  • 20
6
votes
1 answer

Is it possible to add a certificate to a database role?

I have a certificate I am using for inter-DB access to a stored procedure in SQL Server, and am able to provide access to the stored procedure by creating a new user in the database using: CREATE CERTIFICATE testCertificate FROM FILE =…
jamesyjamesjames
  • 63
  • 3
5
votes
1 answer

Load assembly from a certificate in SQL Server

We received an assembly from external vendor as CREATE ASSEMBLY MYCALC_DLL AUTHORIZATION dbo FROM 0x42A728....<300,000 binary values> WITH PERMISSION_SET = UNSAFE GO And this DLL is been called from an SP. We would not like to set TRUSTWORTHY ON…
Kris
  • 452
  • 5
  • 15
5
votes
2 answers

Changing a certifcate+key algorithm by dropping & recreating with the same names

We have a situation where a symmetric key has been created (a long time ago) using TRIPLE_DES. This is used to encrypt a password column, and is used by around ten stored procedures (that utilizes these with OPEN SYMMETRIC KEY SSN_Key_01 DECRYPTION…
EvilDr
  • 860
  • 4
  • 14
  • 29
5
votes
2 answers

The certificate, asymmetric key, or private key file is not valid or does not exist

I'm trying to perform a restore of a database from a different server onto my localhost server .That database is encrypted (the bak file ) ,so I have to decrypt it ,that's fine I have all the cert files and the password ,but for some reason I'm…
Lucy
  • 299
  • 4
  • 7
  • 14
5
votes
1 answer

SQL Server SSL Encryption - SelfSign Cert working - why?

I realize this is strange behaviour and I wonder if it is supposed to be working that way when using SQL Server generated self-signed certificate. Client (Management Studio) with "encrypt connection" option set, client will verify self-signed cert…
Noob
  • 207
  • 1
  • 4
  • 8
5
votes
1 answer

Swapping TDE Cert Slow, any way to improve performance?

Fair warning, I am very new to encryption with DBs. Right now we use the following statement to swap certificates when in the process backing/restoring DBs between servers: ALTER DATABASE ENCRYPTION KEY REGENERATE WITH ALGORITHM = AES_256 …
BadgerBeaz
  • 153
  • 2
5
votes
1 answer

Is there any reason to back up these system-created certificates?

I understand the need for backing up keys and user defined certificates, but is there any reason that we should back up these certificates that are…
Clint
  • 71
  • 1
  • 5
1
2 3 4 5 6 7