cryptography

This is a brief overview of how to issue certificates with certreq commands. It might be of use for someone administrating an ADCS instance. Issuing a leaf certificate This will create a certificate of the CertTemplateName template. certreq -submit -attrib "CertificateTemplate:CertTemplateName" .\signing_request.csr Issuing an issuing CA template This assumes that the root CA is not running in enterprise CA mode. This command will create an issuing CA certificate valid for 1 (one) year....

When calling EncryptByKey() in SQL server you will get a bunch of bytes in return. This article from Microsoft describes the structure of these bytes. If you pay close attention, it is even possible to work with this format outside of SQL server. Both decrypting and encrypting is possible, given that you can get the encryption key available outside of SQL Server. Using a HSM with the EKM integration is one way to do this, as SQL server has no native integration for exporting and importing keys....