TDE Trusted CA Vs. Self-Signed Certificate

  • Hello,
    We have a customer who wants us to use TDE on their databases. I need to be able to explain, at a very top level, the advantages and/or disadvantages of generating the certificates and keys in SQL (self-signed) and using a certificate generated by AD's certificate authority. All the information I have found about the two seems to focus on their use in https, and so most of the differences don't appear to apply. Any distinction between the two types and its use in TDE would be greatly helpful. I know the setup goes slightly differently, so more of an operations difference, if any, is what I'm looking for.

  • Hi,

    There are some limitations and restrictions on the algorithms and key length you can use - https://docs.microsoft.com/en-us/sql/relational-databases/security/encryption/choose-an-encryption-algorithm
