SQL Server 2005 create certificate with private key / encryption

Ok, here is my problem. I am doing data encryption in SQL Server 2005 using a DB Master Key, Certificate and Symmetric Key. I need to be able to restore a certificate with a private key. But when I run the CREATE CERTIFICATE with PRIVATE KEY, the certificate gets pulled into the DB but the private key does not show up. Below are the steps I follow for testing.

Create the Database Master Key.

 CREATE MASTER KEY ENCRYPTION BY PASSWORD = '12345'

Create the Certificate

CREATE CERTIFICATE MyCert 
WITH SUBJECT = 'My First Certificate', 
EXPIRY_DATE = '1/1/2199';

Create a symmetric key that is encrypted with MyCert.

CREATE SYMMETRIC KEY MySymmetricKey 
WITH ALGORITHM = AES_256 
ENCRYPTION BY CERTIFICATE MyCert

Call the select statements below to show the keys and certs are there. They are. Master DB Key, Symmetric Key and Certificate are all there.

SELECT * FROM sys.symmetric_keys 

SELECT * FROM sys.certificates 

Create a backup of the database certificate and key

Note I have tried putting them in the same folder and that did not work either.

BACKUP CERTIFICATE MyCert TO FILE = 'C:\SQLDatabase\MyCert\MyCert.cert'
WITH PRIVATE KEY ( FILE = 'C:\SQLDatabase\MyKey\MySymmetricKey.key' ,
ENCRYPTION BY PASSWORD = '12345' )

Drop the key and cert and verify they are gone.

DROP SYMMETRIC KEY MySymmetricKey
DROP CERTIFICATE MyCert;

There is no RESTORE for certificates, only create by file. I call create certificate with the WITH PRIVATE KEY.

When I run this the certificate shows up but the key does not come with it.

I have verified they are in the folders and SQL has access to the folders.

I have also tried the ALTER CERTIFICATE WITH PRIVATE KEY and still nothing.

What am I missing?

CREATE CERTIFICATE PayGoDBCert 
FROM FILE = 'C:\SQLDatabase\MyCert\MyCert.cert'
WITH PRIVATE KEY (FILE = 'C:\SQLDatabase\MyKey\MySymmetricKey.key' , 
DECRYPTION BY PASSWORD = '12345')

SELECT * FROM sys.symmetric_keys 
SELECT * FROM sys.certificates 

In your example you drop the symmetric key but don't recreate it again.

Recreate the symmetric key again then restore the certificate.

Just a note: The password used to protect the backed up certificate is not the same password that is used to encrypt the private key of the certificate.

Let us know if that solves your issue.
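
The backup, drop and restore round trip discussed in this thread, as an added T-SQL example that is not part of the original question or answer. It goes one step further than the thread by creating the symmetric key with KEY_SOURCE and IDENTITY_VALUE so that it can be recreated after the drop, and by checking for the restored private key in sys.certificates. The names DemoCert, DemoSymKey and #DemoCipher, the C:\Backup paths and the bracketed secrets are constructed placeholders, and an existing database master key is assumed.

```sql
-- Added example: all names, paths and secrets below are constructed placeholders.
-- Assumes a database master key already exists and C:\Backup is writable by SQL Server.
CREATE CERTIFICATE DemoCert
    WITH SUBJECT = 'Demo certificate', EXPIRY_DATE = '1/1/2199';

-- KEY_SOURCE and IDENTITY_VALUE make the key material and key GUID reproducible.
-- Without them, a dropped symmetric key cannot be recreated and its data is lost.
CREATE SYMMETRIC KEY DemoSymKey
    WITH ALGORITHM = AES_256,
         KEY_SOURCE = '<key-source-passphrase>',
         IDENTITY_VALUE = '<key-identity-phrase>'
    ENCRYPTION BY CERTIFICATE DemoCert;

-- Encrypt one sample value so the restore can be proven later.
CREATE TABLE #DemoCipher (Cipher varbinary(256));
OPEN SYMMETRIC KEY DemoSymKey DECRYPTION BY CERTIFICATE DemoCert;
INSERT INTO #DemoCipher VALUES (EncryptByKey(Key_GUID('DemoSymKey'), 'round trip'));
CLOSE SYMMETRIC KEY DemoSymKey;

-- The .pvk file holds the certificate's private key, not the symmetric key.
BACKUP CERTIFICATE DemoCert TO FILE = 'C:\Backup\DemoCert.cer'
    WITH PRIVATE KEY (FILE = 'C:\Backup\DemoCert.pvk',
                      ENCRYPTION BY PASSWORD = '<backup-file-password>');

DROP SYMMETRIC KEY DemoSymKey;   -- must be dropped first: it depends on the certificate
DROP CERTIFICATE DemoCert;

-- Restore the certificate together with its private key.
CREATE CERTIFICATE DemoCert FROM FILE = 'C:\Backup\DemoCert.cer'
    WITH PRIVATE KEY (FILE = 'C:\Backup\DemoCert.pvk',
                      DECRYPTION BY PASSWORD = '<backup-file-password>');

-- The private key is reported in sys.certificates, not in sys.symmetric_keys.
-- ENCRYPTED_BY_MASTER_KEY means it was imported; NO_PRIVATE_KEY means it was not.
SELECT name, pvt_key_encryption_type_desc
FROM sys.certificates WHERE name = 'DemoCert';

-- Recreate the identical symmetric key under the restored certificate.
CREATE SYMMETRIC KEY DemoSymKey
    WITH ALGORITHM = AES_256,
         KEY_SOURCE = '<key-source-passphrase>',
         IDENTITY_VALUE = '<key-identity-phrase>'
    ENCRYPTION BY CERTIFICATE DemoCert;

-- Functional check: the value encrypted before the drop must decrypt again.
OPEN SYMMETRIC KEY DemoSymKey DECRYPTION BY CERTIFICATE DemoCert;
SELECT CONVERT(varchar(20), DecryptByKey(Cipher)) AS Recovered FROM #DemoCipher;
CLOSE SYMMETRIC KEY DemoSymKey;
DROP TABLE #DemoCipher;
```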
