
Thread: EncryptByCert expiry dates

  1. #1
    Join Date
    Nov 2005
    Posts
    3

    Question EncryptByCert expiry dates

    SQL Server 2005 allows you to use the EncryptByCert function to encrypt a column, for example in an Instead-of Insert trigger, and to use the DecryptByCert function to decrypt a column, for example in a view.

    This is indeed good news, but I have a simple question. To create a certificate using CREATE CERTIFICATE you have to give an EXPIRY DATE, or it will default to an expiry date of 1 year. How can one read the encrypted column after the certificate has expired?

    Is there a way to renew a certificate without having to first decrypt all the fields and export them?

  2. #2
    Join Date
    Sep 2002
    Posts
    5,938
    Depends on where and how you get the certificate.

  3. #3
    Join Date
    Nov 2005
    Posts
    3
    Quote Originally Posted by rmiao
    Depends on where and how you get the certificate.
    Generated by SQL Server and self-signed

  4. #4
    Join Date
    Nov 2005
    Posts
    3
    OK, I created an expired certificate. I only got a warning back, but I can happily continue to use it to encrypt and decrypt if using SA. I tried to grant access to the expired certificate to a user and it did not allow me. I guess that the solution in case of an expired certificate is to export the data using SA, create the new certificate, and import the data.
    The alternative is to use a symmetric key encrypted by a certificate and to keep the symmetric key text in a secure place (on paper, in a safe), and in case the certificate has expired, to create a new certificate and create a new symmetric key with the same key text.
    Last edited by rgbd; 11-18-2005 at 04:55 PM.
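
Added example, not part of the original thread: a T-SQL sketch of the symmetric-key alternative described in post #4, where the column is encrypted with a symmetric key and only the certificate protecting that key is replaced, so the stored ciphertext is never decrypted or exported. All object names, dates and secrets are placeholders, and AES_256 is assumed to be available on the host.

```sql
-- Added illustration; every name, date and secret below is a placeholder.
-- The database master key protects the certificates' private keys.
CREATE MASTER KEY ENCRYPTION BY PASSWORD = '<placeholder-strong-password>';

CREATE CERTIFICATE CertOld
    WITH SUBJECT = 'Column key protection (old)',
         EXPIRY_DATE = '2006-11-18';            -- constructed date

-- KEY_SOURCE + IDENTITY_VALUE make the key reproducible: the same
-- algorithm and phrases recreate the same key material and key GUID.
-- These phrases are the "key text" to store offline.
CREATE SYMMETRIC KEY ColKey
    WITH ALGORITHM = AES_256,
         KEY_SOURCE = '<placeholder-key-source-phrase>',
         IDENTITY_VALUE = '<placeholder-identity-phrase>'
    ENCRYPTION BY CERTIFICATE CertOld;

CREATE TABLE dbo.Customer (Id int PRIMARY KEY, CardNo varbinary(256));

OPEN SYMMETRIC KEY ColKey DECRYPTION BY CERTIFICATE CertOld;

INSERT INTO dbo.Customer (Id, CardNo)
VALUES (1, EncryptByKey(Key_GUID('ColKey'), N'constructed-sample-value'));

-- Rotation: while the key is open, wrap it with a new certificate first,
-- then remove the old wrapping. The column data is not touched.
CREATE CERTIFICATE CertNew
    WITH SUBJECT = 'Column key protection (new)',
         EXPIRY_DATE = '2007-11-18';            -- constructed date

ALTER SYMMETRIC KEY ColKey ADD ENCRYPTION BY CERTIFICATE CertNew;
ALTER SYMMETRIC KEY ColKey DROP ENCRYPTION BY CERTIFICATE CertOld;
CLOSE SYMMETRIC KEY ColKey;

-- Check: the existing row decrypts through the new certificate.
OPEN SYMMETRIC KEY ColKey DECRYPTION BY CERTIFICATE CertNew;
SELECT Id, CONVERT(nvarchar(50), DecryptByKey(CardNo)) AS CardNo
FROM dbo.Customer;
CLOSE SYMMETRIC KEY ColKey;

-- Nothing depends on the old certificate any more.
DROP CERTIFICATE CertOld;

-- Recovery path if the key object itself is lost: rerun CREATE SYMMETRIC
-- KEY with the same ALGORITHM, KEY_SOURCE and IDENTITY_VALUE, protected
-- by CertNew, to obtain a key that decrypts the existing column data.
```

Anyone who holds the KEY_SOURCE and IDENTITY_VALUE phrases can recreate the key, so they need the same protection as the data itself.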
