Chapter 12 DBMS-Specific Features
A public key certificate, usually just called a certificate, is a digitally-signed statement that binds the value of a public key to the identity of the person, device, or service that holds the corresponding private key. Certificates are issued and signed by a certification authority (CA). The entity that receives a certificate from a CA is the subject of that certificate. PowerDesigner models certificates as extended objects with a stereotype of <<Certificate>>.
You can create a certificate in any of the following ways:
You can modify an object's properties from its property sheet. To open a certificate property sheet, double-click its diagram symbol or its Browser entry in the Certificates folder.
The following extended attributes are available on the Microsoft tab:
| Name | Description |
|---|---|
| Authorization | Specifies the name of a user as the owner of the certificate.
Scripting name: Authorization |
| Assembly | Specifies a signed assembly that has already been loaded into the database.
Scripting name: Assembly |
| Assembly File | Specifies the complete path, including file name, to a DER encoded file that contains the certificate. The path name can be a local path or a UNC path to a network location. The file will be accessed in the security context of the SQL Server service account. This account must have the required file system permissions.
Scripting name: AssemblyFile |
| Executable | If the EXECUTABLE option is used, the file is a DLL that has been signed by the certificate.
Scripting name: Executable |
| File | Specifies the complete path, including file name, to the private key. The private key path name can be a local path or a UNC path to a network location. The file will be accessed in the security context of the SQL Server service account. This account must have the necessary file system permissions.
Scripting name: PrivateKeyFile |
| Encryption password (private key) | Specifies the password that will be used to encrypt the private key.
Scripting name: PrivateKeyEncryptionPassword |
| Decryption password | Specifies the password required to decrypt a private key that is retrieved from a file.
Scripting name: PrivateKeyDecryptionPassword |
| Subject | Specifies the value of the subject field in the metadata of the certificate as defined in the X.509 standard.
Scripting name: Subject |
| Encryption password | Use this option only if you want to encrypt the certificate with a password.
Scripting name: EncryptionPassword |
| Star date | Specifies the date on which the certificate becomes valid. If not specified, StartDate will be set equal to the current date.
Scripting name: StartDate |
| Expiry date | Specifies the date on which the certificate expires. If not specified, ExpiryDate will be set to a date one year after StartDate.
Scripting name: ExpiryDate |
| Active for begin dialog | Specifies that the certificate is available to the initiator of a Service Broker dialog conversation.
Scripting name: ActiveForBeginDialog |
| Copyright (C) 2008. Sybase Inc. All rights reserved. |
| |