New-DbaDbAsymmetricKey View Source Stuart Moore (@napalmgram), stuart-moore.com Windows, Linux, macOS On this page: Synopsis · Description · Syntax · Examples · Parameters · Outputs Synopsis Creates RSA asymmetric keys in SQL Server databases for encryption and digital signing
Description Creates asymmetric keys within SQL Server databases using RSA encryption algorithms (512-4096 bit). These keys are essential for database-level encryption features like Transparent Data Encryption (TDE), column-level encryption, and digital signing of assemblies or stored procedures.
New-DbaDbCertificate View Source Chrissy LeMaire (@cl), netnerds.net Windows, Linux, macOS On this page: Synopsis · Description · Syntax · Examples · Parameters · Outputs Synopsis Creates a new database certificate for encryption and security purposes
Description Creates a new database certificate within a specified database using SQL Server Management Objects. Database certificates are essential for implementing Transparent Data Encryption (TDE), encrypting stored procedures and functions, securing Service Broker dialogs, and enabling column-level encryption.
New-DbaDbEncryptionKey View Source Chrissy LeMaire (@cl), netnerds.net Windows, Linux, macOS On this page: Synopsis · Description · Syntax · Examples · Parameters · Outputs Synopsis Creates database encryption keys for Transparent Data Encryption (TDE)
Description Creates database encryption keys (DEKs) required for Transparent Data Encryption, using certificates or asymmetric keys from the master database. This is the essential first step before enabling TDE on any database to encrypt data at rest.
New-DbaDbMasterKey View Source Chrissy LeMaire (@cl), netnerds.net Windows, Linux, macOS On this page: Synopsis · Description · Syntax · Examples · Parameters · Outputs Synopsis Creates a database master key for encryption operations
Description Creates a database master key, which is required for implementing Transparent Data Encryption (TDE), Always Encrypted, or other database-level encryption features. The master key serves as the root encryption key that protects other encryption keys within the database.
New-DbaServiceMasterKey View Source Chrissy LeMaire (@cl), netnerds.net Windows, Linux, macOS On this page: Synopsis · Description · Syntax · Examples · Parameters · Outputs Synopsis Creates a service master key in the master database for instance-level encryption hierarchy
Description Creates a service master key in the master database, which sits at the top of SQL Server’s encryption hierarchy. The service master key automatically encrypts and protects database master keys, certificates, and other encryption objects across all databases on the instance.
Remove-DbaComputerCertificate View Source Chrissy LeMaire (@cl), netnerds.net Windows, Linux, macOS On this page: Synopsis · Description · Syntax · Examples · Parameters · Outputs Synopsis Removes certificates from Windows certificate stores on local or remote computers
Description Removes certificates from Windows certificate stores on local or remote computers using PowerShell remoting. This is essential for managing SSL/TLS certificates used by SQL Server instances for encrypted connections and authentication. DBAs commonly use this to clean up expired certificates, remove compromised certificates during security incidents, or manage certificate lifecycle during SQL Server migrations and decommissions.
Remove-DbaDbCertificate View Source Chrissy LeMaire (@cl), netnerds.net Windows, Linux, macOS On this page: Synopsis · Description · Syntax · Examples · Parameters · Outputs Synopsis Removes database certificates from SQL Server databases
Description Removes database certificates from specified SQL Server databases using the DROP CERTIFICATE statement. This function is commonly used during certificate rotation, security cleanup, or when decommissioning encryption features like Transparent Data Encryption (TDE) or Always Encrypted. Certificates can be targeted individually by name or removed in bulk using pipeline input from Get-DbaDbCertificate.
Remove-DbaDbEncryptionKey View Source Chrissy LeMaire (@cl), netnerds.net Windows, Linux, macOS On this page: Synopsis · Description · Syntax · Examples · Parameters · Outputs Synopsis Removes database encryption keys from SQL Server databases to disable Transparent Data Encryption
Description Removes database encryption keys (DEK) from specified databases by executing DROP DATABASE ENCRYPTION KEY. This is typically used when disabling Transparent Data Encryption (TDE) on a database or during encryption key rotation workflows.
Remove-DbaDbMasterKey View Source Chrissy LeMaire (@cl), netnerds.net Windows, Linux, macOS On this page: Synopsis · Description · Syntax · Examples · Parameters · Outputs Synopsis Removes database master keys from SQL Server databases
Description Removes database master keys from specified SQL Server databases by executing DROP MASTER KEY. Database master keys are used to encrypt other database-level encryption keys, including those for Transparent Data Encryption (TDE), Always Encrypted, and certificate private keys.
Remove-DbaNetworkCertificate View Source Chrissy LeMaire (@cl), netnerds.net Windows, Linux, macOS On this page: Synopsis · Description · Syntax · Examples · Parameters · Outputs Synopsis Removes the SSL certificate configuration from SQL Server network encryption settings
Description Removes the certificate thumbprint from SQL Server’s network encryption configuration by clearing the Certificate registry value in SuperSocketNetLib. This disables forced SSL encryption for client connections and returns the instance to unencrypted or optional encryption mode.
dbatools