| title | description | author | ms.author | ms.date | ms.service | ms.subservice | ms.topic | f1_keywords | helpviewer_keywords | dev_langs | ||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
ENCRYPTBYCERT (Transact-SQL) |
ENCRYPTBYCERT (Transact-SQL) |
VanMSFT |
vanto |
03/06/2017 |
sql |
t-sql |
reference |
|
|
|
[!INCLUDE SQL Server Azure SQL Database Azure SQL Managed Instance]
Encrypts data with the public key of a certificate.
:::image type="icon" source="../../includes/media/topic-link-icon.svg" border="false"::: Transact-SQL syntax conventions
EncryptByCert ( certificate_ID , { 'cleartext' | @cleartext } )
[!INCLUDEsql-server-tsql-previous-offline-documentation]
certificate_ID
The ID of a certificate in the database. int.
cleartext
A string of data that will be encrypted with the certificate.
@cleartext
A variable of one of the following types that contains data that will be encrypted with the public key of the certificate:
- nvarchar
- char
- varchar
- binary
- varbinary
- nchar
varbinary with a maximum size of 8,000 bytes.
This function encrypts data with the certificate's public key. The ciphertext can only be decrypted with the corresponding private key. These asymmetric transformations are costly when compared to encryption and decryption using a symmetric key. As such, asymmetric encryption isn't recommended when working with large datasets.
This example encrypts the plaintext stored in @cleartext with the certificate called JanainaCert02. The encrypted data is inserted into table ProtectedData04.
INSERT INTO [AdventureWorks2022].[ProtectedData04]
VALUES ( N'Data encrypted by certificate ''Shipping04''',
EncryptByCert(Cert_ID('JanainaCert02'), @cleartext) );
GO DECRYPTBYCERT (Transact-SQL)
CREATE CERTIFICATE (Transact-SQL)
ALTER CERTIFICATE (Transact-SQL)
DROP CERTIFICATE (Transact-SQL)
BACKUP CERTIFICATE (Transact-SQL)
Encryption Hierarchy