I am trying to upgrade from SQL 2005 Standard to Enterprise in our Production environment. I am testing this currently on a VM to document and script the steps necessary what we would need to do during a maintenance window when I can have this server offline.
I am getting the following error:
'SQL Server Setup has encountered the following problem: [Microsoft][SQL Native Client][SQL Server]
The certificate cannot be dropped because one or more entities are either signed or encrypted using it.. To continue, correct the problem, and the run SQL Server Setup again.'
How can I find the entries, or remove them. We do not typically do this, and I explicitly didn't do this on the test server. I have tried this with 2 different VM builds and I'm getting the same error.
When going in to Control Panel, AddRemove Programs, SQL 2005 x64, Change, I can rerun the Suspended setup and it errors with the same Problem.
How can I get around this short of uninstalling and reinstalling the product? Is there another part of the SKUupgrade switch I need to append? I'm saving this as a batch file and running it from the command line.
Here is my command line entry:
Net use Z: /delete
Net use Z: "\<Fileserver>SoftwareMicrosoftSQL2005Enterprise Edition x64"
start /wait Z:serverssetup.exe ADDLOCAL=SQL_Engine INSTANCENAME=MSSQLSERVER UPGRADE=SQL_Engine SKUUPGRADE=1 /qb
i am using Sqlexpress instance and want to upgrade it to standrad edition so i did the installation and installer told me that use this SKUUPGRADE=1
in command prompt to upgrade the sqlexpress instance but whenever i am running the command its giving me an message that "Please go to control panel for installing the components"
what i am doing wrong, i have tried using every command but it always gives me this message
The error occurs on the CREATE CERTIFICATE statement:
Msg 15208, Level 16, State 1, Line 1
The certificate, asymmetric key, or private key file does not exist or has invalid format.
I am logged on as a local admin when running the script. The SQL Server service account is also a local admin, and the account I am logged on as is sysadmin in SQL Server. This script works fine in my Dev environment and a separate Pre-Prod environment.
And several others. Nothing will actually work. Sometimes it complains that the option selected aren't valis for the version of SQL Server that I have installed. (SQL_Engine isn't a valid option?) I even tried listing every component (except, analysis services and notification services) in the ADDLOCAL option...
If it doesn't complain that the options are invalid, then shows me an install box with Client Components and Documentation options all with red X's. Doesn't show me the main components.
With SSL, is all traffic from the client to the database on port 443 ? Or are other ports needed ?
With Windows Certificate Management Snap-in, a request for a certificate assumes that there is a local Certificate Authority. I don't have one and it is my understanding that I should buy a third party certificate to avoid a man in the middle attack. With IIS there is a certificate request process. Is there something similar I should use with SQL ?
for the third time I am installing SQL-Server 2005 express and i have an error.
Cannot install sql because .NET 2.0 framework is missing allthough I have the .NET 2.0 framework allready installed and even re-installed it too. When trying again I get the message that there isn't an SSL-certificate present.
My question is, would this probably cause the error when installing?
How do we install a certificate for enabling security on MS -SQL Server 2005? I tried to install through MMC but it says no " certificate authority found " . Any help will be highly appreciated , Thanks to you all in advance :-)
When opening Visual Studio 2005 and creating a new project my computer sometimes crashes (blue screen). The System Error with source MSSQL$SQLEXPRESS and description: Fallback certificate initialization failed. Error: 1 (Event-ID: 17190) is found in the programlog.
Do anyone know the source of this error/what is causing it? How can I fix it?
Hi, We are trying to implement Service Broker between SQL Server Express and SQL Server on the Same machine and we are having problems with certificates. We are creating a certificate on SQL Server, backing up the certificate on a file system and then loading certificate on the SQL Server Express from the file and we are keep getting the following error: Msg 15208, Level 16, State 1, Line 1 The certificate, asymmetric key, or private key file does not exist or has invalid format.
Following script runs fine on SQL Server.
Code Snippet
use master
Create Master Key Encryption BY Password = '45Gme*3^&fwu';
BACKUP MASTER KEY TO FILE = 'C:ServiceBrokerPrivateKeyMasterB.pvk'
ENCRYPTION BY PASSWORD = '45Gme*3^&fwu'
Create Certificate EndPointCertificateC
WITH Subject = 'C.Server.Local',
START_DATE = '06/01/2006',
EXPIRY_DATE = '01/01/2008'
ACTIVE FOR BEGIN_DIALOG = ON;
BACKUP CERTIFICATE EndPointCertificateC
TO FILE = 'C:ServiceBrokerEndPointCertificateC.cer'
Following script runs on SQL Server Express:
Code Snippet
Create Certificate EndPointCertificateC
From FILE = 'C:ServiceBrokerEndPointCertificateC.cer'
WITH PRIVATE KEY (
FILE = 'C:ServiceBrokerPrivateKeyMasterB.pvk',
DECRYPTION BY PASSWORD = '45Gme*3^&fwu'
);
If we run the script other way around, it works fine. If we use the SQL Server on some other machine, the script works fine. But only on the same machine, it throws this error. We made sure the permissions and everything. Let us know if there is any work around or what are we doing wrong.
Hi I am trying to install SQLEXPRESS 2005 and i get this error: SQL Server Setup faild to retrieve the SSL Certificate Name and an OK button and when i hit the button, the installiatoin stops. The Event log shows this: Product: Microsoft SQL Server 2005 -- Error 1603. SQL Server Setup failed to retrieve the SSL Certificate Name.
i m trying to send message between different server instance using service broker.
and for security purpose i am trying to create certificate. for that i have used makecert.exe and get a certificate and a private key. but when i am creating certificate using that file it is showing error
the code is --
CREATE CERTIFICATE ctfSourceServerMaster
FROM FILE = 'C:SourceServer.cer'
WITH PRIVATE KEY ( FILE = 'C:SourceServer.pvk', DECRYPTION BY PASSWORD = 'PrivateKeyPassword' )
ACTIVE FOR BEGIN_DIALOG = ON
GO
i have created the file SourceServer.cer' and SourceServer.pvk' by using makecert.exe tool.
the idea behind creating the certificate ctfSourceServerMaster is to give transport security.
I am running the particular script in the master database.
but still i am getting error
ERROR:----
The certificate, asymmetric key, or private key file does not exist or has invalid format.
I'm using the System Center Essential 2007 VHD (http://go.microsoft.com/fwlink/?LinkId=91061). It has an SQL Server Express Edition with Advanced Services installed as a named instance, SCEVHDSCE. I tried to upgrade the SQL Server to Enterprise Edition, because some of the reports are not working in Express. I started the setup with the SKUUPGRADE=1 switch, it found the SQL Engine and Reporting Services components and offered to upgrade them. Upgrading the SQL Engine was successful, however the Reporting Services failed with the following error:
SQL Server Setup did not have the administrator permissions required to copy a file: C:Program FilesMicrosoft SQL ServerMSSQL.4Reporting ServicesReportServer ssrvpolicy.config. To continue, verify that the file exists, and either grant administrator permissions to the account currently running Setup or log in with an administrator account. Then run SQL Server Setup again.
I checked the file, it exists and the current account (which is a domain administrator) has permissions. I stopped all services which could use the reporting services, rerun the setup now only for reporting services, but the same error occured. For the third try I started Filemon also, and it captured the following trace. http://mit.bme.hu/~micskeiz/files/sql-rs-install-error.jpg From this I guess the following: until row 442 it checks the existense of the target folder and creates the folder for the upgraded instance in C:Program FilesMicrosoft SQL ServerMSSQL.4. In step 443 probably it wants to copy the old config, but it searches them in the C:Program FilesMicrosoft SQL ServerMSSQL.2 folder, which should be the location of a default reporting services install. However, the setup of System Center Essentials installs its SQL Server Express Reporting Services in C:Program FilesSystem Center Essentials 2007Microsoft SQL ServerMSSQL.2, thus the setup fails because it is looking for rssrvpolicy.config in the wrong folder. Do I see the problem correctly? The setup log can be found here: http://mit.bme.hu/~micskeiz/files/SQLSetup0005_SCEVHD_RS.log
I tried to do a command line install, but I did not found a switch to tell the old location of Reporting Services. Neverthless I tried the following command: D:>start /wait setup.exe ADDLOCAL=RS_Server INSTANCENAME=SCEVHDSCE UPGRADE=RS_ Server SKUUPGRADE=1 /qb But the setup said that the requested component could not be found.
Any suggestions?
Thanks, Zoltan (I will be on vacation from next week, so I could not respond for a week.)
Hi I am trying to install SQL Server 2005 Express on my machine, which has Windows Server 2003 with Service Pack 1. I could not able to install properly and i am getting error always. Here is the Error I am getting always "The certificate chain was issued by an authority that is not trusted" . I am trying for past few days i could not able to resolve.
Please help Thanks Here is the Error message from Summary.txt
Microsoft SQL Server 2005 9.00.1399.06 ============================== OS Version : Microsoft Windows Server 2003 family, Service Pack 1 (Build 3790) Time : Tue Sep 05 12:31:18 2006
-------------------------------------------------------------------------------- Machine : SERVIDORCC Product : Microsoft SQL Server 2005 Express Edition Product Version : 9.00.1399.06 Install : Failed Log File : C:Archivos de programaMicrosoft SQL Server90Setup BootstrapLOGFilesSQLSetup0008_SERVIDORCC_SQL.log Last Action : InstallFinalize Error String : SQL Server Setup could not connect to the database service for server configuration. The error was: {Microsoft}{SQL Native Client}SSL Provider: The certificate chain was issued by an authority that is not trusted. Error Number : 29515 --------------------------------------------------------------------------------
SQL Server Setup failed. For more information, review the Setup log file in %ProgramFiles%Microsoft SQL Server90Setup BootstrapLOGSummary.txt. Time : Tue Sep 05 17:12:41 2006
I attempted to setup database mirroring using a High Availability scenario but when I installed SQL is chose to use local system accounts for all the services. Consequently, I stubled upon a microsoft article explaining how to setup mirroring using local system accounts and certificate authentication but I am stil not able to get it to work. When I try ti initiate the mirror from the mirror server I receive an error stating "Neither the partner nor the witness server instance for database "EDENLive" is available. Reissue the command when at least one of the instances becomes available." I have checked all the endpoints and everything seems to be in order. I even checked to make sure that each server was listening on the appropriate ports and I AM able to telnet to the ports. Please help!
I am trying to create a encrypted row in my database Everything here worked except that when i run the final query to decrypt the data It just comes up with null for each row. Even if i do a query to show me the rows that are not null It's like it is saying yeah there is data here but I am only going to show you null instead of what I am supposed to decrypt.Here is what I tried from start to finish Create Certificate TestCert Encryption By Password = 'Password' With Subject = 'SQLCert', Expiry_Date = '12/01/2050';
declare @Test nvarchar(50) set @Test='123456789'
insert into testenc (testencry) Values (encryptbyCert(Cert_ID('TestCert'),@Test ))
select convert (Nvarchar(50), DecryptByCert(Cert_ID('TestCert'), testencry,N'Password')) As Test from testenc
im trying to drop all certificates on my database, and then the master key, but cannot do this as there are objects encrypted by one particular cert that i called fcert. I done this ages ago and cannot remember what i encrypted with this cert. to drop the master key i have to drop the cert and to drop the cert i have to make sure no objects are encrypted by it. how is this achieved?
I can use "CREATE CERTIFICATE" to add a CER certificate into a SQL database. How can I do so with a PFX certificate? From the document, it can be done so with a CER file and a PVK file, but only a PFX file.
hey, I am having a weired issue(donno whether its weired or not.). I have a user who has db_owner rights on a database. But when he is trying to create a certificate he is getting error. "Msg 15247, Level 16, State 1, Line 1 User does not have permission to perform this action." Remember he is having db_owner rights on that particular database. is there any other permission that i have to give him.
I'm having this really strange issue with mirroring.
I've followed the instructions on http://msdn2.microsoft.com/en-us/library/ms191140.aspx to the letter, leaving out the witness server part, as I don't have one.
All works OK, but when activating the mirroring on the principal server I get the usual error 1418 error. I fired up SQL Server Profiler to see what was happening, and the following error emerged.
Connection handshake failed. The certificate used by the peer is invalid due to the following reason: Certificate not yet valid. State 104.
I am trying to get SQL Express to use a certificate for SSL encryption between the server and client. Our company has a certificate server and I already did generate a server certificate from it. I installed the certificate in the "local machine" store and I also have the CA certificate in the trusted root on the server machine. (XP PRO)
When I use the configuration tool, I get to the "protocols for SQLEXPRESS" area, I click properties, I select the certificate tab, but there are no certificates available from which to choose.
Can someone shed some light on where I might go from here?
As we know ,certificate is a digitallly-signed security object that bind the public key to the principal who holds the private key.
Say i create a certificate by using create certificate DDL, then use it to encrypt data and decrypt data as follows:
Code Block create certificate cert1 encryption by password='p@ssw0rd1' with subject='certificate test' go declare @plaintext varchar(100) set @plaintext='abcd' declare @cipher varbinary(8000) set @cipher=encryptbycert(cert_id('cert1'),@plaintext) select convert(varchar,decryptbycert(cert_id('cert1'),@cipher,N'p@ssw0rd1'))
Is that mean i create public key implicitly when i run "create certificate cert1 encryption by password='p@ssw0rd1' with subject='certificate test'"?
What cryptography algorithm would be use when i use the certificate to encrypt data ? Where is private key? I ensure I use the public key which generated from "create certificate " DDL to encrypt data .I want to know which private key i used when i execute decryptbycert to decrypt.
What I wont is to be abele to do is to send a message from €œSender€? to €œReceiver 1€? or €œRecevier 2€?.
I am abele to send a message from €œSender€? to €œReceiver 1€? but if I send a message to €œReceiver 2€? I get a dialog security problem I think. If I use profiler I can se in €œReceiver 2€? the events:
Broker:Connection Audit Broker Login Broker:Message Classify Audit Broker Conversation = Certificate not found Broker:Message Undeliverable
And I cant find what´s wrong, this Is my scripts for etch instance.
€œSender€?
USE master
CREATE CERTIFICATE Cert_ROBOTSRV WITH SUBJECT = 'Cert_ROBOTSRV_auth', START_DATE = '02/15/2007', EXPIRY_DATE = '02/15/2015' GO BACKUP CERTIFICATE Cert_ROBOTSRV TO FILE = 'C:Cert_ROBOTSRV'
GO
CREATE ENDPOINT SBEndpointServer STATE = STARTED AS TCP (LISTENER_PORT = 5723) FOR SERVICE_BROKER (AUTHENTICATION = CERTIFICATE Cert_ROBOTSRV)
GO CREATE USER andon
CREATE CERTIFICATE Cert_sevapc311_pub AUTHORIZATION andon FROM FILE = 'C:Cert_sevapc311'
GRANT SEND ON SERVICE::[Grafik_Service_Send_ROBOTSRV] TO andon
CREATE USER sbLogin
GRANT SEND ON SERVICE::[Grafik_Service_Send_ROBOTSRV] TO sbLogin GO --GRANT SEND ON SERVICE::[Grafik_Service_Send_ROBOTSRV] --TO [VADERSTADvrobot] --GO
-- Grant RECEIVE permission on the queue. GRANT RECEIVE ON [Grafik_Queue] TO andon GO GRANT CONTROL ON SERVICE::[Grafik_Service_Send_ROBOTSRV] TO andon GO
--DROP REMOTE SERVICE BINDING Grafik_sevap CREATE REMOTE SERVICE BINDING Grafik_sevap TO SERVICE 'Grafik_Service_Recive_sevapc311' WITH USER = andon GO
--DROP REMOTE SERVICE BINDING Grafik_andonpc017 CREATE REMOTE SERVICE BINDING Grafik_andonpc017 TO SERVICE 'Grafik_Service_Recive_Andonpc017' WITH USER = andon
€œReceiver 1€?
use master
CREATE MASTER KEY ENCRYPTION BY PASSWORD = 'andonANDON'
