How to: Create Certificates for Service Broker Transport Security (Transact-SQL)

To set up Service Broker transport security for an instance of SQL Server, you first create a certificate in the master database by using the Transact-SQL CREATE CERTIFICATE statement. This statement creates both a public key and a private key. You can also use the CREATE CERTIFICATE statement to load an existing X.509 certificate. For more information on creating certificates, see CREATE CERTIFICATE (Transact-SQL). After creating the certificate, use the CREATE ENDPOINT or ALTER ENDPOINT statement to set the Service Broker endpoint to use the new certificate.

For more information using certificates for Service Broker transport security, see How to: Allow Service Broker Network Access by Using Certificates (Transact-SQL).

To create a certificate for Service Broker transport security

  • Create a certificate in the master database.


USE master ;

-- Create a certificate owned by dbo.

    ENCRYPTION BY PASSWORD = '**(34ader#$lqQEUer13'
    WITH SUBJECT='Instance certificate for transport security';