sys.certificates (Transact-SQL)

Returns a row for each certificate in the database.

Column name

Data type

Description

name

sysname

Name of the certificate. Is unique within the database.

certificate_id

int

ID of the certificate. Is unique within the database.

principal_id

int

ID of the database principal that owns this certificate.

pvt_key_encryption_type

char(2)

How the private key is encrypted.

NA = There is no private key for the certificate

MK = Private key is encrypted by the master key

PW = Private key is encrypted by a user-defined password

SK = Private key is encrypted by the service master key.

pvt_key_encryption_type_desc

nvarchar(60)

Description of how the private key is encrypted.

NO_PRIVATE_KEY

ENCRYPTED_BY_MASTER_KEY

ENCRYPTED_BY_PASSWORD

ENCRYPTED_BY_SERVICE_MASTER_KEY

is_active_for_begin_dialog

bit

If 1, this certificate is used to initiate encrypted service dialogs.

issuer_name

nvarchar(442)

Name of certificate issuer.

cert_serial_number

nvarchar(64)

Serial number of certificate.

sid

varbinary(85)

Login SID for this certificate.

string_sid

nvarchar(128)

String representation of the login SID for this certificate

subject

nvarchar(4000)

Subject of this certificate.

expiry_date

datetime

When certificate expires.

start_date

datetime

When certificate becomes valid.

thumbprint

varbinary(32)

SHA-1 hash of the certificate. The SHA-1 hash is globally unique.

attested_by

nvarchar(260)

System use only.

pvt_key_last_backup_date

datetime

The date and time the certificate’s private key was last exported.

Permissions

The visibility of the metadata in catalog views is limited to securables that a user either owns or on which the user has been granted some permission. For more information, see Metadata Visibility Configuration.

See Also

Reference

Security Catalog Views (Transact-SQL)

Catalog Views (Transact-SQL)

CREATE CERTIFICATE (Transact-SQL)

Concepts

Encryption Hierarchy