Home Forums Article Discussions Article Discussions by Author Discuss Content Posted by Steve Jones TDE DR RE: TDE DR

  • July 12, 2013 at 11:21 am

    #1632059

    IgorMi (7/12/2013)

    Nice question!

    What if you already have a master key that is used by a certificate aimed for another database (dbA) on the instance you're moving the dbB?

    Just for clarification.

    I think you should drop the dbA certificate (backup before) using the old master service key, then drop the master key and recreate with another password (same as for dbB certificate), and then create the new certificate from the cert and key files you moved on the new instance, using the new master key?

    Regards,

    IgorMi

    the master key is part of the encryption hierarchy. It can protect more than one certificate or asym key.

    If you already have a master key on the new instance, you just restore the certificate, and have it protected by the master key. No need to drop anything.