ENCRYPTBYCERT (Transact-SQL)

Applies To: SQL Server 2014, SQL Server 2016 Preview

Topic Status: Some information in this topic is preview and subject to change in future releases. Preview information describes new features or changes to existing features in Microsoft SQL Server 2016 Community Technology Preview 2 (CTP2).

Encrypts data with the public key of a certificate.

Applies to: SQL Server (SQL Server 2008 through current version), SQL Database V12 ( Preview in some regions).

Topic link icon Transact-SQL Syntax Conventions

Syntax
EncryptByCert ( certificate_ID , { 'cleartext' | @cleartext } )
Arguments
certificate_ID

The ID of a certificate in the database. int.

cleartext

A string of data that will be encrypted with the certificate.

@cleartext

A variable of type nvarchar, char, varchar, binary, varbinary, or nchar containing data that will be encrypted with the public key of the certificate.

Return Types

varbinary with a maximum size of 8,000 bytes.

Remarks

This function encrypts data with the public key of a certificate. The ciphertext can only be decrypted with the corresponding private key. Such asymmetric transformations are very costly compared to encryption and decryption using a symmetric key. Asymmetric encryption is therefore not recommended when working with large datasets such as user data in tables.

Examples

This example encrypts the plaintext stored in @cleartext with the certificate called JanainaCert02. The encrypted data is inserted into table ProtectedData04.

INSERT INTO [AdventureWorks2012].[ProtectedData04] 
    VALUES ( N'Data encrypted by certificate ''Shipping04''',
    EncryptByCert(Cert_ID('JanainaCert02'), @cleartext) );
GO