Returns the private key of a certificate in binary format. This function takes three arguments.
A certificate ID.
An encryption password which is used to encrypt the private key bits when they are returned by the function, so that the keys are not exposed clear text to users.
A decryption password which is optional. If a decryption password is specified, then it is used to decrypt the private key of the certificate otherwise database master key is used.
Only users that have access to certificate’s private key will be able to use this function. This function returns the private key in PVK format.
Applies to: SQL Server (SQL Server 2012 through current version).
CREATE DATABASE TEST1; GO USE TEST1 CREATE MASTER KEY ENCRYPTION BY PASSWORD = 'Use 5tr0ng P^55Words' GO CREATE CERTIFICATE Shipping04 WITH SUBJECT = 'Sammamish Shipping Records', EXPIRY_DATE = '20141031'; GO SELECT CERTPRIVATEKEY(CERT_ID('Shipping04'), 'jklalkaa/; uia3dd');
For a more complex example that uses CERTPRIVATEKEY and CERTENCODED to copy a certificate to another database, see example B in the topic CERTENCODED (Transact-SQL).