Амур-IT форум

Общение => Технический раздел => Тема начата: Arkhangel от 09.11.2021, 19:50:58

Название: MS SQL
Отправлено: Arkhangel от 09.11.2021, 19:50:58

На сервере найден файл MS_AgentSigningCertificate.cer у него заканчивается срок. Подскажите, за что он отвечает и что будет после истечения срока дейстия?

Название: Re: MS SQL
Отправлено: RangerRU от 09.11.2021, 20:03:30

Arkhangel, https://social.technet.microsoft.com/Forums/Lync/en-US/773f58dc-6d0a-4dc2-a819-d11d1cbf87c9/what-is-msagentsigningcertificatecer-for?forum=sqldatabaseengine

Название: Re: MS SQL
Отправлено: Flamen от 09.11.2021, 20:10:06

Raul Garcia - MS

I am talking about the *.cer files that are under the Data folder for SQL Server.

When SQL Server Agent is installed or updated via setup, the modules (i.e. SPs, etc.) are re-signed by a newly generated certificate.

Because this certificate is not under the control of Microsoft, a copy of the certificate public data (*.cer) is copied (i.e. a backup) in the Data folder (which is the default folder for certificate BACKUP operations).

The copies of these public certificates in the data folder are simply copies of the latest MS agent signing certificate as well as probably some copies from old MS agent certificates, but SQL Sever server itself doesn’t use them anymore.

I would suggest opening them (just open them, do not install them), you should see something like this:

General:

Issued to: MS_AgentSigningCertificate

Issued by: MS_AgentSigningCertificate

And if you click on the details tab, you will see different thumbprint for each of them.

I hop this answers your question

-Raul Garcia

SDE/T

SQL Server Engine

-------------------------

короче, делай либо свежую установку МайСкюэля либо апдейт через setup и свежий *.cer подтянется

Название: Re: MS SQL
Отправлено: Flamen от 09.11.2021, 20:42:18

насколько понял - старый сертификат - копия и не используется - а новый подтягивается и модули им подписываются

Название: Re: MS SQL
Отправлено: RangerRU от 10.11.2021, 13:10:49

Flamen, что из ответа не понятно?

Цитировать

This certificate is used for the login ##MS_SQLAuthenticatorCertificate##, which is a SQL Server login created for internal use during installation.

Название: Re: MS SQL
Отправлено: Flamen от 10.11.2021, 13:24:27

RangerRU,
да понятно, When SQL Server Agent is installed or updated via setup, the modules (i.e. SPs, etc.) are re-signed by a newly generated certificate.

Because this certificate is not under the control of Microsoft, a copy of the certificate public data (*.cer) is copied (i.e. a backup) in the Data folder (which is the default folder for certificate BACKUP operations).

The copies of these public certificates in the data folder are simply copies of the latest MS agent signing certificate as well as probably some copies from old MS agent certificates, but SQL Sever server itself doesn’t use them anymore.

и просто копией складывается, а при следующем апдейте или установке - подписывается новым