使用證書建立數據庫鏡像

 1 /*step 1 主實例中. 在master數據 庫中建立系統密鑰,若是當前系統中已經有加密密鑰,能夠忽略. 然後建立數據庫鏡像所須要的證書*/
 2 use master
 3 go
 4 create master key encryption by password='1@3Mirror'
 5 go
 6 create certificate mirror_core_cert
 7 with subject='core server certificate for mirror',expiry_date='2030-1-1';
 8 go
 9 
10 USE [master]
11 GO
12 
13 /****** Object:  Endpoint [Mirroring]    Script Date: 11/25/2013 9:38:24 AM ******/
14 /*建立節點,並指定全部者爲上一步中所建立的證書. 然後備份證書,並將證書拷貝到鏡像副本服務器上,以供還願證書*/
15 ALTER ENDPOINT [Mirroring] 
16     STATE=STARTED
17     AS TCP (LISTENER_PORT = 5024, LISTENER_IP = ALL)
18     FOR DATA_MIRRORING (ROLE = PARTNER, AUTHENTICATION = CERTIFICATE mirror_core_cert
19 , ENCRYPTION = REQUIRED ALGORITHM AES)
20 GO
21 
22 BACKUP CERTIFICATE mirror_core_cert TO FILE='D:\certificate\MyPCMirror\mirror_core_cert.crt';
23 GO
24 
25 
26 /*step 2 副本實例中,在master庫中建立相同的系統密鑰,並建立副本的證書*/
27 use master
28 go
29 --create master key encryption by password='1@3Mirror'
30 go
31 create certificate mirror_secondary_cert
32 with subject='secondary server certificate for mirror',expiry_date='2030-1-1';
33 go
34 
35 USE [master]
36 GO
37 
38 /****** Object:  Endpoint [Mirroring]    Script Date: 11/25/2013 9:38:24 AM ******/
39 /*建立節點,並指定全部者爲上一步中建立的證書. 備份證書,並拷貝到主實例的機器中,以待還原證書*/
40 ALTER ENDPOINT [Mirroring] 
41     STATE=STARTED
42     AS TCP (LISTENER_PORT = 5023, LISTENER_IP = ALL)
43     FOR DATA_MIRRORING (ROLE = PARTNER, AUTHENTICATION = CERTIFICATE mirror_secondary_cert
44 , ENCRYPTION = REQUIRED ALGORITHM AES)
45 GO
46 
47 BACKUP CERTIFICATE mirror_secondary_cert TO FILE='D:\certificate\MyPCMirror\mirror_secondary_cert.crt';
48 GO
49 
50 /*step 3 副本實例中,建立登錄名及用戶,並還原主實例中備份的證書,指定節點的權限,並設置數據庫鏡像的參與者.須要注意,端口須要是主實例服務器中設定的.*/
51 CREATE LOGIN mor WITH PASSWORD='test1@3';
52 GO
53 CREATE USER mor FOR LOGIN mor;
54 GO
55 CREATE CERTIFICATE mirror_core_cert
56 AUTHORIZATION mor
57 FROM FILE='D:\certificate\MyPCMirror\mirror_core_cert.crt';
58 GO
59 GRANT CONNECT ON ENDPOINT::[Mirroring] TO mor;
60 GO
61 ALTER DATABASE db1 SET PARTNER='TCP://grant-pc:5024';
62 GO
63 
64 
65 /*step 4 在主實例中,重複副本實例中的步驟.若是須要設置見證服務器,還須要指定一個見證服務器的地址.*/
66 
67 CREATE LOGIN mor WITH PASSWORD='test1@3';
68 GO
69 CREATE USER mor FOR LOGIN mor;
70 GO
71 CREATE CERTIFICATE mirror_secondary_cert
72 AUTHORIZATION mor
73 FROM FILE='D:\certificate\MyPCMirror\mirror_secondary_cert.crt';
74 GO
75 GRANT CONNECT ON ENDPOINT::[Mirroring] TO mor;
76 GO
77 
78 ALTER DATABASE db1 SET PARTNER='TCP://grant-pc:5023';
79 GO
80 ALTER DATABASE db1 SET PARTNER SAFETY OFF;