what do you mean by "dbm certificate expired"? is this the certificate assigned to the mirroring endpoints?|||yes, the certificate which used to encrypt the endpoint has expired. could you give me some advice about how to change the certificate or extend the lifttime of this certificate?
appreciate.
thanks.
|||
Certificate lifetimes cannot be extended.
For each machine that has an expired cert, here are the steps to replace the cert. I'll call the instance that has the cert expired M1, the peer M2:
1) on M1: create a new certificate in [master]
2) on M1: export (backup) the public key part of the cert
3) on M2: restore the cert, under the same owner (authorization) as the old cert on the peer
4) on M1: alter the endpoint to use the new cert (ALTER ENDPOINT ... FOR DATABASE_MIRRORING (AUTHENTICATION = [new_cert])
5) on M1: drop the old cert
6) on M2: drop the old cert
You'll probably gonna have to repeat the steps on the other direction as well (swap M1 with M2) since most likely the peer's cert is also expired.
|||Remus, thanks you very much.|||
Hi Remus I also have a question. When initially creating the certificates is there a way to specify the validity? By default I saw it is 1 year. Maybe put 5 years right from the beginning...
salut
|||got it
CREATE CERTIFICATE xxx_cert
WITH SUBJECT = 'xxx certificate for database mirroring',
EXPIRY_DATE = '12/31/2020';
GO
No comments:
Post a Comment