We use certificates while setting up database mirroring for two partners that are in a workgroup or in non-trusted domains. The idea is to create a certificate on each partner, export it to the other and then setup a login to use that certificate. As explained in BOL here, this is called setting up Inbound and Outbound connections Here is a simplified representation of how it needs to be setup
If either of these is not setup correctly you can get a variety of error messages like theseMsg 1431, Level 16, State 4, Line 1Neither the partner nor the witness server instance for database "TEST2" is available. Reissue the command when at least one of the instances becomes available. Error: 1438, Severity: 16, State: 1.The server instance Partner rejected configure request; read its error log file for more information. The reason 1405, and state 2, can be of use for diagnostics by Microsoft. This is a transient error hence retrying the request is likely to succeed. Correct the cause if any and retry. Error: 1405, Severity: 16, State: 2Apart from the blog post above, you can refer to Bemis 2189705 for a step by step approach to setting up database mirroring with certificates. The steps consist of the following 1. Setup Outbound connections:- Consists of creating the certificate, the endpoint ( with the certificate in the AUTHENTICATION clause) and then backing up the certificate2. Setup Inbound connections:- Consists of restoring the certificate from the partner, associating it with a login and granting that login connect on the endpoint 3. Run the ALTER DATABASE statements starting with Mirror server first and then on Principal
Read more: Microsoft SQL Server Support Blog
QR:
Read more: Microsoft SQL Server Support Blog
QR: