I want to setup a single instance of sql-server as a mirror-backup for 2 production-servers, and I need to use certificate authentication because they are not part of an AD-domain.
Reading the documentation, it claims this:
All mirroring connections on a server instance use a single database mirroring endpoint, and you must specify the authentication method of the server instance when you create the endpoint. Therefore, you can use only one form of authentication per server instance for database mirroring.
does this mean that it's impossible to use one instance, to backup databases from two other instances?
Since I need to create certificates on all three machines (if I understand it correctly), and I use certificates per endpoint. Shouldn't I be able to create two endpoints on my backup-machine that uses different certificates?
You can only create a single database mirroring endpoint on that instance.
You should be able to simply create a certificate on your backup machine, and create the endpoint based on that cert. Then backup the cert and import it into both production servers. On each production server create a cert (each with different names) then backup and restore that cert to the backup server.
At that point you should be ready to start database mirroring.
The certificates represent endpoint identities. An instance can have only one endpoint for mirroring, and that endpoint can be bound to a single certificate and private key. All peers the endpoint is connecting to must have a copy of the same certificate (just the public key) that is associated with a login that is granted CONNECT permission on the endpoint. This deployment is always symmetric.
You can read on my blog exactly how mirroring endpoint authentication works.
So in a case involving one instance (A) connecting to 2 other instances (B and C):