Encrypting Columns Using a Certificate

One solution to the problem of encrypting using a shared passphrase is to encrypt the data using a certificate. A primary benefit of certificates is that they relieve hosts of the need to maintain a set of passwords for individual subjects. Instead, the host merely establishes trust in a certificate issuer, which may then sign an unlimited number of certificates.

Certificates can be created within SQL Server 2008 using the CREATE CERTIFICATE command. The certificate created is a database-level securable that follows the X.509 standard and supports X.509 V1 fields. The CREATE CERTIFICATE command can load a certificate from a file or assembly, or it can also generate a key pair and create a self-signed certificate. ...

Get Microsoft® SQL Server 2008 R2 Unleashed now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.