SQL Server 镜像证书过期处理

今天镜像中的主服务器进行维护重启,重启后发现镜像Disconnect,使用xp_readerrorlog 0, 1检查错误日志发现下列信息:

Database mirroring connection error 5 'Connection handshake failed. The certificate used by this endpoint was not found: Certificate expired. Use DBCC CHECKDB in master database to verify the metadata integrity of the endpoints. State 85.'

前先以为是重启导致了证书损坏,所以检查了下主机和备机的证书是否存在:

select name, start_date, expiry_date
from sys.certificates
where name not like '##%'

检查后发现主机的证书expiry_date时间是2011-01-01,而现在已经是13号了,可以得到一个结论,证书虽然过期但是如果镜像没有断开的话证书还是可以持续使用,直到镜像断开。

于是证书替换,主机,重新创建新证书、修改endpoint并备份给备机:

use master 
go
--principal_cert_new如果不进行endpoint删除的话这里需要新的证书名称
create certificate principal_cert_new with subject = 'mirror',start_date='2012-01-01', expiry_date='2099-06-01'; --为N年后更换证书选个日子(6.1已过)
go
alter endpoint endpoint_mirroring
for database_mirroring (authentication = certificate principal_cert_new)
go
drop certificate principal_cert
go
backup certificate principal_cert to file = 'd:\certificate\principal_cert.cer';

备机,还原主机的证书并回复镜像:

use master 
go
create certificate principal_cert_new AUTHORIZATION mirror_user from file = 'D:\certificate\principal_cert.cer';
go
alter database mydb set partner resume



posted on 2012-01-13 14:59  trams  阅读(1103)  评论(0编辑  收藏  举报