January 12, 2010 at 2:25 pm
What is the best practice for using certificates?
1. Is it best to have one certificate per database, create a user from the certificate then grant that user whatever rights are needed on objects for stored procedures in other databases to run? If a database has hundreds of stored procedures then presumably the overhead would be too much to have one certificate per proc?
2. Should the certificate and private key file be deleted once a stored proc has been signed? What happens once that proc is altered and needs signing again if they have been deleted or lost?
Thanks.
January 13, 2010 at 10:58 pm
JWOL (1/12/2010)
What is the best practice for using certificates?1. Is it best to have one certificate per database, create a user from the certificate then grant that user whatever rights are needed on objects for stored procedures in other databases to run? If a database has hundreds of stored procedures then presumably the overhead would be too much to have one certificate per proc?
2. Should the certificate and private key file be deleted once a stored proc has been signed? What happens once that proc is altered and needs signing again if they have been deleted or lost?
Thanks.
1. Either way. We have used multiple certificates for different roles.
2. Don't delete them. They should be backed up. There needs to be extra security and precaution taken for the cert and key in the backup location.
Jason...AKA CirqueDeSQLeil
_______________________________________________
I have given a name to my pain...MCM SQL Server, MVP
SQL RNNR
Posting Performance Based Questions - Gail Shaw[/url]
Learn Extended Events
Viewing 2 posts - 1 through 1 (of 1 total)
You must be logged in to reply to this topic. Login to reply