Upgrading the certificate

This section describes the instructions to upgrade certificates for certificate‑based logins. Certificate upgrades are required only when replacing or renewing an existing certificate and are not part of the initial installation. Perform this procedure only if certificate‑based login is already configured.

To upgrade the certificate:

  1. Login to SQL Server Management Studio.

  2. To identify the login mapped to the certificate, execute the following query:

    SELECT name
FROM sys.server_principals
WHERE sid IN (
   SELECT sid
   FROM sys.certificates
   WHERE name = '<certificate_name>'
);

    Note: Replace the placeholder with actual names.

    This query returns the login_name associated with the existing certificate.

  3. To drop the login name, execute the following query:

    DROP LOGIN [login_name];

    Note: Replace the placeholder with actual names.

    This command removes the login_name associated with the existing certificate.

  4. To drop the associated objects, execute the following script:

    DropObjects.sql

  5. To drop the user, execute the following query:

    DROP USER [user_name];

    Note: Replace the placeholder with actual names.

    This command removes the user_name associated with the existing certificate.

  6. To drop the certificate, execute the following query:

    DROP CERTIFICATE <certificate_name>;

  7. To re-create the certificate, follow the steps mentioned in Creating a Certificate-Based Login.


Last modified : May 21, 2026