What is the best practice for using certificates?
1. Is it best to have one certificate per database, create a user from the certificate then grant that user whatever rights are needed on objects for stored procedures in other databases to run? If a database has hundreds of stored procedures then presumably the overhead would be too much to have one certificate per proc?
2. Should the certificate and private key file be deleted once a stored proc has been signed? What happens once that proc is altered and needs signing again if they have been deleted or lost?
Thanks.