What is the purpose of creating a login from a certificate?
SQL Server provides the option to create a login from a certificate. E.g.
USE MASTER;
CREATE CERTIFICATE <certificateName>
WITH SUBJECT = '<loginName> certificate in master database',
EXPIRY_DATE = '12/05/2025';
GO
CREATE LOGIN <loginName> FROM CERTIFICATE <certificateName>;
GO
However, the documentation states (emphasis mine):
Logins created from certificates or asymmetric keys are used only for code signing. They cannot be used to connect to SQL Server. You can create a login from a certificate or asymmetric key only when the certificate or asymmetric key already exists in master.
What is the point of creating a login that cannot be used to connect to the server?
Background
We need to make some security changes to our middle-tier application. In particular, how it connects to its database. The powers that be have decreed that: "we cannot use Windows authentication".
I know this would normally be the preferred method, but anyone who has access to the middle-tier servers would have the same access to the database as the application.
If we use SQL authentication, we would need to:
- Encrypt the password.
- Store it in a config file/registry.
- Then decrypt the password when the application needs to connect to the database.
While the above is possible, I was somewhat hoping that:
- I could use a certificate based login.
- Associate the certificate with the application during the build process.
- And use that to connect to SQL Server.
The above mentioned extract from the documentaion seems to contradict this.
Answer
It is used for code signing SQL Server database objects. The CREATE LOGIN x FROM CERTIFICATE y is fully explained here along with examples and scenarios for SQL Server 2008 and 2008 R2: http://technet.microsoft.com/en-us/library/ms345102(v=sql.105).aspx
Here's a great example of signing a stored procedure in SQL Server 2014: http://technet.microsoft.com/en-us/library/bb283630.aspx