Post reply

Certificates

  • January 12, 2010 at 2:25 pm

    #218209

    What is the best practice for using certificates?

    1. Is it best to have one certificate per database, create a user from the certificate then grant that user whatever rights are needed on objects for stored procedures in other databases to run? If a database has hundreds of stored procedures then presumably the overhead would be too much to have one certificate per proc?

    2. Should the certificate and private key file be deleted once a stored proc has been signed? What happens once that proc is altered and needs signing again if they have been deleted or lost?

    Thanks.

  • January 13, 2010 at 10:58 pm

    #1103426

    JWOL (1/12/2010)

    What is the best practice for using certificates?

    1. Is it best to have one certificate per database, create a user from the certificate then grant that user whatever rights are needed on objects for stored procedures in other databases to run? If a database has hundreds of stored procedures then presumably the overhead would be too much to have one certificate per proc?

    2. Should the certificate and private key file be deleted once a stored proc has been signed? What happens once that proc is altered and needs signing again if they have been deleted or lost?

    Thanks.

    1. Either way. We have used multiple certificates for different roles.

    2. Don't delete them. They should be backed up. There needs to be extra security and precaution taken for the cert and key in the backup location.

    Jason...AKA CirqueDeSQLeil
    _______________________________________________
    I have given a name to my pain...MCM SQL Server, MVP
    SQL RNNR
    Posting Performance Based Questions - Gail Shaw[/url]
    Learn Extended Events

Viewing 2 posts - 1 through 1 (of 1 total)

You must be logged in to reply to this topic. Login to reply