October 21, 2012 at 1:29 pm
Hello,
I am a bit confuse about TDE and SQL network force encryption implementation with respect to which certificate to use. I have SQL 2008 R2 server. My development server has SSL certificate installed and it's set to Force Encryption to encrypt network traffic. I want to enable TDE on this server. Do I use the same certificate that is currently installed for Force Encryption or do I need a different certificate for TDE?
Thanks,
fanzi
October 22, 2012 at 6:40 am
You can create an internall-generated one using T-SQL scripts. Just remember to back it up and save the file, along with the passphrase used. Then, this certificate can be transferred to other servers if they also need to restore that same encrypted database. See the below for examples:
http://msdn.microsoft.com/en-us/library/bb510673(SQL.100).aspx
http://selfhandle.com/post/2011/08/05/How-to-enableremove-Transparent-Data-Encryption-(TDE).aspx
October 22, 2012 at 6:42 am
I would also recommend getting the book "Expert SQL Server 2008 Encryption" by Michael Coles and Rodney Landrum, Apress is the publisher. It is very good at explaining the TDE and column-level encryption options.
(I have no personal or financial affiliation associated with this book or its writers or publisher.)
Viewing 3 posts - 1 through 2 (of 2 total)
You must be logged in to reply to this topic. Login to reply