Add a certificate to the database.
Syntax:
CREATE CERTIFICATE certificate [ AUTHORIZATION user_name ]
{FROM existing_keys | generate_new_keys }
[ACTIVE FOR BEGIN_DIALOG = {ON | OFF }]
existing_keys:
ASSEMBLY assembly_name
{[EXECUTABLE ] FILE = 'path_to_file' [WITH PRIVATE KEY ( private_key_options )]}
generate_new_keys:
[ENCRYPTION BY PASSWORD = 'password']
WITH SUBJECT = 'certificate_subject_name'
[ , date_options [ ,...n ] ]
private_key_options:
FILE = 'path_to_private_key'
[, DECRYPTION BY PASSWORD = 'password' ]
[, ENCRYPTION BY PASSWORD = 'password' ]
date_options:
START_DATE = 'mm/dd/yyyy'
EXPIRY_DATE = 'mm/dd/yyyy'
Key:
user_name The user that will own the certificate.
assembly_name A signed assembly already loaded into the database.
path_to_file The path (local or UNC) , including filename
to a DER-encoded file that contains the certificate.
WITH PRIVATE KEY Load the private key of the certificate into SQL Server.
START_DATE Date the certificate becomes valid (default=current date.)
EXPIRY_DATE Date the certificate expires (default= 1 year after START_DATE)
ACTIVE FOR BEGIN_DIALOG Make available to the initiator of a Service Broker dialog conversation.
Users of these built-in functions for encryption and signing must decide when to check if the certificate has expired.
Example
USE MyDb;
CREATE CERTIFICATE SS64
ENCRYPTION BY PASSWORD = 'pG6464qwerty247y'
WITH SUBJECT = 'Demonstration certificate',
EXPIRY_DATE = '02/28/2014';
GO
“The certified quality of person's actual education reflects in the degree of respect he employs in his words while talking with others” ~ Anuj Somany
Related:
CREATE CERTIFICATE
DROP CERTIFICATE
BACKUP CERTIFICATE
X.509 standard
Password generator
Equivalent Oracle commands: ALTER SYSTEM SET ENCRYPTION KEY/SET WALLET..