Certificate

Restore-DbaDbCertificate

Jess Pomfret (@jpomfret), jesspomfret.com

Restore-DbaDbCertificate View Source Jess Pomfret (@jpomfret), jesspomfret.com Windows, Linux, macOS Synopsis Restores database certificates from .cer and .pvk files into SQL Server databases. Description Restores database certificates and their associated private keys from backup files into SQL Server databases. This function is essential for recovering certificates used in TDE (Transparent Data Encryption), backup encryption, Always Encrypted, and other SQL Server security features after database migrations, disaster recovery, or server rebuilds.

Set-DbaNetworkCertificate

Chrissy LeMaire (@cl), netnerds.net

Set-DbaNetworkCertificate View Source Chrissy LeMaire (@cl), netnerds.net Windows, Linux, macOS Synopsis Sets the network certificate for SQL Server instance Description Sets the network certificate for SQL Server instance. This setting is found in Configuration Manager. This command also grants read permissions for the service account on the certificate’s private key. References: https://www.itprotoday.com/sql-server/7-steps-ssl-encryption https://azurebi.jppp.org/2016/01/23/using-lets-encrypt-certificates-for-secure-sql-server-connections/ https://blogs.msdn.microsoft.com/sqlserverfaq/2016/09/26/creating-and-registering-ssl-certificates/ Syntax Set-DbaNetworkCertificate [-SqlInstance <DbaInstanceParameter[]>] [-Credential <PSCredential>] [-RestartService] [-EnableException] [-WhatIf] [-Confirm] [<CommonParameters>] Set-DbaNetworkCertificate [-SqlInstance <DbaInstanceParameter[]>] [-Credential <PSCredential>] -Certificate <X509Certificate2> [-RestartService] [-EnableException] [-WhatIf] [-Confirm] [<CommonParameters>] Set-DbaNetworkCertificate [-SqlInstance <DbaInstanceParameter[]>] [-Credential <PSCredential>] -Thumbprint <String> [-RestartService] [-EnableException] [-WhatIf] [-Confirm] [<CommonParameters>] Examples Example: 1 PS C:\> New-DbaComputerCertificate | Set-DbaNetworkCertificate -SqlInstance localhost\SQL2008R2SP2 Creates and imports a new certificate signed by an Active Directory CA on localhost then sets the network certificate for the SQL2008R2SP2 to that newly created certificate.

Start-DbaDbEncryption

Chrissy LeMaire (@cl), netnerds.net

Start-DbaDbEncryption View Source Chrissy LeMaire (@cl), netnerds.net Windows, Linux, macOS Synopsis Implements Transparent Data Encryption (TDE) on user databases with automated key infrastructure and backup management Description Automates the complete TDE implementation process from start to finish, handling all the complex key management steps that would otherwise require multiple manual commands. This function sets up the entire encryption infrastructure including master keys, certificates or asymmetric keys, database encryption keys, and automatically backs up all encryption components to protect against data loss.

Stop-DbaDbEncryption

Chrissy LeMaire (@cl), netnerds.net

Stop-DbaDbEncryption View Source Chrissy LeMaire (@cl), netnerds.net Windows, Linux, macOS Synopsis Disables Transparent Data Encryption (TDE) on all user databases across a SQL Server instance Description Disables Transparent Data Encryption (TDE) on all user databases within a SQL Server instance by calling Disable-DbaDbEncryption for each encrypted database found. This function automatically excludes system databases (master, model, tempdb, msdb, resource) and only processes databases that currently have encryption enabled. This is commonly used during instance decommissioning, migration scenarios where TDE is not required in the target environment, or when standardizing security configurations across multiple databases.

Test-DbaComputerCertificateExpiration

Chrissy LeMaire (@cl), netnerds.net

Test-DbaComputerCertificateExpiration View Source Chrissy LeMaire (@cl), netnerds.net Windows, Linux, macOS Synopsis Identifies SSL/TLS certificates that are expired or expiring soon on SQL Server computers Description Scans computer certificate stores to find certificates that are expired or will expire within a specified timeframe. This function focuses on certificates used for SQL Server network encryption, helping DBAs proactively identify potential connection failures before they occur. By default, it examines certificates that are candidates for SQL Server’s network encryption feature.

← Previous

1 2 3 4

Page 4 of 4