RE: Key Management Utility
- From: changliw@xxxxxxxxxxxxxxxxxxxx (Charles Wang[MSFT])
- Date: Tue, 12 Sep 2006 07:15:56 GMT
Dear Marc,
From your description, I understand that:Your SQL Server 2005 is using data encryption by certificates. Due to your
company's policy the keys must be changed every 90 days, so you want to
know if a key management utility existed can help you on this process.
If I have misunderstood, please let me know.
If they want to use new certificate, you need to manually write script to
remove the old certificate and add the new one. Also, you need to get the
symmetric keys protected by certificates before they drop the old
certificate. There is no tool in SQL 2005 to do this automatically. You
can consider to create a job to run the script.
Also, you may use self-signed certificate which is not related to with
certificates issued by CA at all.
For more information, you can refer to:
http://www.microsoft.com/technet/itsolutions/msit/security/sqldatsec.mspx
Sincerely,
Charles Wang
Microsoft Online Community Support
======================================================
When responding to posts, please "Reply to Group" via
your newsreader so that others may learn and benefit
from this issue.
======================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
======================================================
.
- References:
- Key Management Utility
- From: Marc Castrechini
- Key Management Utility
- Prev by Date: Re: How To Remap Back To DBO?
- Next by Date: Re: Changing security authentication type.
- Previous by thread: Key Management Utility
- Next by thread: RE: Key Management Utility
- Index(es):
Relevant Pages
|
