1

We can encrypt certificates in SQL both by the database master key, and the other option is by password. I want to know the advantages and disadvantages of DMK encryption. Does password usage make the certificate more secure?

thanks

asked Jul 16, 2019 at 13:40

1 Answer 1

1

We can encrypt certificates in SQL both by the database master key, and the other option is by password.

You can do both at the same time, which is preferable.

I want to know the advantages and disadvantages of DMK encryption.

The big two are:

  • If you forget the password or can't use the SMK (service master key), you can still open the Certificate (think AG, DBM, etc.)
  • You can use Transparent Decryption which removes the need to specifically open by password
answered Jul 16, 2019 at 16:57
2
  • how to do it both at the same time? Does syntax allow us to do it? @SeanGallardy Commented Jul 17, 2019 at 11:43
  • 1
    @ElGrig When you create the certificate, a DMK must already exist and it is automatically encrypted using the MDK. If you choose to use the PASSWORD clause then it will be encrypted by both. Commented Jul 17, 2019 at 12:23

Your Answer

Draft saved
Draft discarded

Sign up or log in

Sign up using Google
Sign up using Email and Password

Post as a guest

Required, but never shown

Post as a guest

Required, but never shown

By clicking "Post Your Answer", you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.