SQL Server 创建数字证书
我们有一个使用 SQL Server 2005 或更高版本的应用程序,当我们创建数据库时,它当前会创建各种登录名,我们有各种使用证书签名的存储过程。
目前,当生成或备份证书时,它使用 SQL Server 数据目录,这可能会导致 AV 软件问题和其他服务器权限问题。
本质上,我们需要找到一个临时目录,我们可以将证书复制到其中以进行安装,我获取临时目录的唯一方法是使用以下脚本通过 xp_cmdshell:-
DECLARE @temp nvarchar(255)
CREATE TABLE #Tmp
(
EnvVar nvarchar(255)
)
INSERT INTO #Tmp exec xp_cmdshell 'echo %TMP%'
SET @temp = (SELECT TOP 1 EnvVar from #Tmp)
SELECT @temp as 'Windows Directory'
drop table #Tmp
但是,如果在 SQL 中关闭 xp_cmshell 组件,那么这就不太好了服务器。
还有其他建议吗?从长远来看,我们将放弃数字证书,但短期内我们不能这样做。
We have an application that uses SQL Server 2005 or above, when we create the database it currently creates various logins we have various stored procedures that are signed with a Certificate.
Currently when the Certificate is generated or backed up it uses the SQL Server data directory this can cause issues with AV software and other server permission problems.
Essentially we need to find a temporary directory we can copy the certificate to for installation purposes, the only way I can get the temp directory is through xp_cmdshell using the following script:-
DECLARE @temp nvarchar(255)
CREATE TABLE #Tmp
(
EnvVar nvarchar(255)
)
INSERT INTO #Tmp exec xp_cmdshell 'echo %TMP%'
SET @temp = (SELECT TOP 1 EnvVar from #Tmp)
SELECT @temp as 'Windows Directory'
drop table #Tmp
However this is no good if the xp_cmshell component is switched off in SQL Server.
Does anyone have any other suggestions, longer term we are going to ditch the digital certificate but in the short term we cannot do this.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
输出
Environment.GetFolderPath( 的 CLR 存储过程 怎么样? SpecialFolder.Temp);这需要您部署程序集并将服务器配置为允许使用 CLR。
How about a CLR Stored procedure that outputs
Environment.GetFolderPath(SpecialFolder.Temp);This requires you deploy an assembly and that the server is configured to allow use of the CLR.