First of all, many thanks for your time and for share these useful set of scripts.

Secondly, I really appreciate your help to understand some issues that I have.

My scenario:

I successfully enable TDE on a sample database called 'TDEDatabase' on "instance 1" with SetupTDE.sql, then I successfully restored the sample database on "instance 2", BUT when I tried to remove TDE with RemoveTDE.sql and restart the "instance 2", the database that was encrypted becomes "suspect", the only solution that I founded to bring it back, was restoring the certificate and its private key.

Here a sample of SQL Server Log:

Message

Cannot find server certificate with thumbprint '0x9C49052631B0487200617071C628E764135685B4'.

Message

An error occurred during recovery, preventing the database 'TDEDatabase' (database ID 7) from restarting. Diagnose the recovery errors and fix them, or restore from a known good backup. If errors are not corrected or expected, contact Technical Support.

Message

The database 'TDEDatabase' is marked RESTORING and is in a state that does not allow recovery to be run.

Message

Cannot find server certificate with thumbprint '0x9C49052631B0487200617071C628E764135685B4'.

Note: I skipped the restore of Master Key, instead, I just create a new one on "instance 2".

Did you know where I'm missing?

Thanks!