Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix missing / misleading statements, and formatting for BACKUP CERTIFICATE #1976

Merged
merged 1 commit into from Apr 25, 2019

Conversation

Projects
None yet
5 participants
@srutzky
Copy link
Contributor

commented Apr 23, 2019

  1. Updated "Arguments" section to conform to most other pages:

    1. Added "certname" argument.
    2. Added argument name to each option.
    3. Added "WITH PRIVATE KEY" argument as it mirrors CREATE CERTIFICATE.
    4. Corrected default path description (tested in SQL Server 2017 CU14 and 2019 CTP 2.4).
    5. Added LocalDB info to path description (tested in SQL Server Express LocalDB 2012 SP4).
  2. Updated "Remarks" section:

    1. Passwords are to protect private keys, not certificates.
    2. Added info about private key file format.
    3. Clarified that restoring a certificate does not require the private key.
    4. Added info about restoring a private key to an existing certificate via ALTER CERTIFICATE.
  3. Added links to CERTENCODED, CERTPRIVATEKEY, CERT_ID, and CERTPROPERTY functions in "See Also" section.

These updates are related to updates proposed for CREATE CERTIFICATE and ALTER CERTIFICATE via #1972 , and to the following post: https://sqlquantumleap.com/2019/04/22/can-a-certificates-private-key-be-imported-restored-from-a-binary-literal-hex-bytes/

Fix missing / misleading statements; fix formatting
1. Updated "Arguments" section to conform to most other pages:
    1. Added "certname" argument.
    2. Added argument name to each option.
    3. Added "WITH PRIVATE KEY" argument as it mirrors `CREATE CERTIFICATE`.
    4. Corrected default path description (tested in SQL Server 2017 CU14 and 2019 CTP 2.4).
    5. Added LocalDB info to path description (tested in SQL Server Express LocalDB 2012 SP4).

2. Updated "Remarks" section:
    1. Passwords are to protect private keys, not certificates.
    2. Added info about private key file format.
    3. Clarified that restoring a certificate does not require the private key.
    4. Added info about restoring a private key to an existing certificate via `ALTER CERTIFICATE`.

3. Added links to CERTENCODED, CERTPRIVATEKEY, CERT_ID, and CERTPROPERTY functions in "See Also" section.


These updates are related to updates proposed for `CREATE CERTIFICATE` and `ALTER CERTIFICATE` via #1972 , and to the following post: https://sqlquantumleap.com/2019/04/22/can-a-certificates-private-key-be-imported-restored-from-a-binary-literal-hex-bytes/
@PRMerger13

This comment has been minimized.

Copy link
Contributor

commented Apr 23, 2019

@srutzky : Thanks for your contribution! The author, @VanMSFT, has been notified to review your proposed change.

@srutzky srutzky changed the title Fix missing / misleading statements; fix formatting Fix missing / misleading statements / formatting for BACKUP CERTIFICATE Apr 23, 2019

@srutzky

This comment has been minimized.

Copy link
Contributor Author

commented Apr 23, 2019

Test script showing that the following items are the same between BACKUP CERTIFICATE and ALTER CERTIFICATE:

  1. File format of private key (PVK format)
  2. Default location of the private key file..

can be found at: https://pastebin.com/45gZKpuE

What that test script does not directly show is the actual default location. That was determined to not be the DATA folder (as previously documented) simply due to me using custom folders for both user data files and user log files. When saving and restoring the private key and not specifying a path, the file was written to, and read from, the default user data directory (registry value is: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft SQL Server\MSSQL{2DigitVersionNumber}.{InstanceID}\MSSQLServer\DefaultData)

@srutzky srutzky changed the title Fix missing / misleading statements / formatting for BACKUP CERTIFICATE Fix missing / misleading statements, and formatting for BACKUP CERTIFICATE Apr 23, 2019

@VanMSFT

This comment has been minimized.

Copy link
Member

commented Apr 25, 2019

Reviewed. Thanks again @srutzky!
#sign-off

@srutzky

This comment has been minimized.

Copy link
Contributor Author

commented Apr 25, 2019

You're welcome 😺

@Jak-MS Jak-MS merged commit b18dd7d into MicrosoftDocs:live Apr 25, 2019

1 check passed

license/cla All CLA requirements met.
Details
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.