SQL Server 镜像证书过期处理

今天镜像中的主服务器进行维护重启，重启后发现镜像Disconnect，使用xp_readerrorlog 0, 1检查错误日志发现下列信息：

Database mirroring connection error 5 'Connection handshake failed. The certificate used by this endpoint was not found: Certificate expired. Use DBCC CHECKDB in master database to verify the metadata integrity of the endpoints. State 85.'

前先以为是重启导致了证书损坏，所以检查了下主机和备机的证书是否存在：

select name, start_date, expiry_date
from sys.certificates
where name not like '##%'

检查后发现主机的证书expiry_date时间是2011-01-01，而现在已经是13号了，可以得到一个结论，证书虽然过期但是如果镜像没有断开的话证书还是可以持续使用，直到镜像断开。

于是证书替换，主机，重新创建新证书、修改endpoint并备份给备机：

use master 
go
--principal_cert_new如果不进行endpoint删除的话这里需要新的证书名称
create certificate principal_cert_new with subject = 'mirror',start_date='2012-01-01', expiry_date='2099-06-01';  --为N年后更换证书选个日子（6.1已过）
go
alter endpoint endpoint_mirroring
for database_mirroring (authentication = certificate principal_cert_new)
go
drop certificate principal_cert
go
backup certificate principal_cert to file = 'd:\certificate\principal_cert.cer';

备机，还原主机的证书并回复镜像：

use master 
go
create certificate principal_cert_new AUTHORIZATION mirror_user from file = 'D:\certificate\principal_cert.cer';
go
alter database mydb set partner resume