February 11, 2010 at 8:57 am
Hi all,
I have a few fields in a table secured by a SYMMETRIC KEY and CERTIFICATE. The Certificate is about to expire on the server so I need to re-create it or extend the expiry date somehow.
Firstly, can the date be extended?
If not, no matter - there's no data that will be lost here so I was thnking of the following:
use myDB;
DROP SYMMETRIC KEY myDBKey;
DROP CERTIFICATE myDBCert;
GO
CREATE CERTIFICATE myDBCert
WITH SUBJECT = 'myDB v2',
EXPIRY_DATE = '11/02/2015';
GO
CREATE SYMMETRIC KEY myDBKey WITH ALGORITHM = AES_256
ENCRYPTION BY CERTIFICATE myDBCert;
Does that look ok?
Then, I figure I need to add permission for my db user account to control the Key like this:
GRANT CONTROL on certificate::[myDBCert]
TO [myDBUser]
GRANT VIEW DEFINITION on symmetric key::[myDBCert]
TO [myDBUser]
that ok?
February 11, 2010 at 9:10 am
The expiration date is not checked when you base the encryption and decryption on a certificate, so your application will continue working after the certificate’s expiration date.
Adi
--------------------------------------------------------------
To know how to ask questions and increase the chances of getting asnwers:
http://www.sqlservercentral.com/articles/Best+Practices/61537/
For better answers on performance questions, click on the following...
http://www.sqlservercentral.com/articles/SQLServerCentral/66909/
February 11, 2010 at 9:26 am
ah right!
ok,
cheers Adi.
Viewing 3 posts - 1 through 2 (of 2 total)
You must be logged in to reply to this topic. Login to reply