tags:

views:

93

answers:

2
Q: 

Help with Service Broker error message

I am getting this error in my sys.transmission_queue table whenever I attempt to send a SQL Service Broker message between two different SQL Server servers. (i.e. the databases are on two different physical machines)

Dialog security is unavailable for this conversation because there is no security 
certificate bound to the database principal (Id: 5).  
Either create a certificate for the principal, or specify ENCRYPTION = OFF 
when beginning the conversation

When this error refers to "database principal" what is it referring to? (the "master" database? dbo user?) I've used the CREATE CERTIFICATE command, backed up the certificate and created a same named certificate on the other server with the backup .cer file from the first server, but I keep getting this message.

Any help would be appreciated in getting me pointed in the right direction. I must be missing something obvious.

FYI, in my development environment, both the initiating and target databases were on the same physical server, and same SQL instance, and everything was working fine.

+1  A: 

The error refers to a user in the database hosting your Service Broker service (select name from sys.database_principals where principal_id = 5).

In addition to exporting a certificate to the target server, you also need to import target server's certificate, associate it with a user and create a remote service binding to tell Service Broker which local user represents the remote service. The following 2 articles should help you: Service Broker Dialog Security and Securing a dialog with certificates.

Pawel Marciniak  2010-04-08 15:26:39
Another resource, if one has a SQL Server Central web account, is the following article: http://www.sqlservercentral.com/articles/Service+Broker/2797/
yanigisawa  2010-04-08 22:16:31
It turns out that I had created the Initiating service with: "AUTHORIZATION <PrincipalId = 5 User>"; rather than leaving out this clause. Once I dropped and recreated the Initiating service without the AUTHORIZATION statement, it started working.
yanigisawa  2010-04-08 22:17:45
A: 

In addition to what Pawel said, I'd also recommend to give the SSBDIAGNOSE tool a try. Use the CONFIGURATION option and it will tell you exactly what user needs certificates, in which database, as well as analyzing the endpoint connectivity, the routes and the permissions.

Remus Rusanu  2010-04-08 15:34:11
Thanks Remus for the tool. It didn't end up helping us find the exact problem, but it was handy in identifying a duplicate service_broker_guid problem we had when we restored a back-up from another server.
yanigisawa  2010-04-08 22:18:47

related questions

Sql to query a dbs scheme
Transform Columns into Rows
SQL Client for Mac OS X that works with MS SQL Server
How do you get leading wildcard full-text searches to work in SQL Server?
SQL Server 2000: Is there a way to tell when a record was last modified?
What's the BEST way to remove the time portion of a datetime value (SQL Server)
I need to know how much disk space a table is using in SQL Server
What's the best way to determine if a temporary table exists in SQL Server?
Appropriate pagefile size for SQL Server
Have you ever encountered a query that SQL Server could not execute because it referenced too many tables?
ASP.NET MVC "CRUD" Database Sample
How do I unit test persistence?
Best Book for a new Database Developer
Can I logically reorder columns in a table?
Best way to copy a database in SQL Server 2005/8?
Is Windows Server 2008 "Server Core" appropriate for a SQL Server instance?
Why doesn't SQL Full Text Indexing return results for words containing #?
Client collation and SQL Server 2005
Editing database records by multiple users
Deploying SQL Server Databases from Test to Live
SQL Server 2005 implementation of MySQL REPLACE INTO?
Upgrading SQL Server 6.5
How do I version my MS SQL database in SVN?
How to export data from SQL Server 2005 to MySQL
Check for changes to a SQL table?