I have some columns that are encrypted using SQL Server 2005 built in
encryption. What happens when I backup and restore this database on another
server? Does SQL Server have to re-encrypt these columns on this new
server? The Master Key is different on the new server, right?
--IKEThe Service Master Key is different, yes. The Database Master Key and all
other keys in the database were carried over with your data.
So the only thing that you may need to do is to re-encrypt the Database
Master Key with the Service Master Key of the new server, if you had such SM
K
encryption on the old server as well. To do this, you need to do the
following steps while connected to the database:
-- open the database master key
OPEN MASTER KEY DECRYPTION BY PASSWORD = 'whatever_password'
-- re-encrypt with the current server's SMK
ALTER MASTER KEY ADD ENCRYPTION BY SERVICE MASTER KEY
For more info about these statements, see:
http://msdn2.microsoft.com/en-us/library/ms130214.aspx
http://msdn2.microsoft.com/en-us/library/ms186937.aspx
This scenario was also discussed here:
http://blogs.msdn.com/lcris/archive.../30/475822.aspx
Thanks
Laurentiu Cristofor [MSFT]
Software Design Engineer
SQL Server Engine
http://blogs.msdn.com/lcris/
This posting is provided "AS IS" with no warranties, and confers no rights.
"Ike the Potato" wrote:
> I have some columns that are encrypted using SQL Server 2005 built in
> encryption. What happens when I backup and restore this database on anoth
er
> server? Does SQL Server have to re-encrypt these columns on this new
> server? The Master Key is different on the new server, right?
> --IKE
>
>
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment