January 29, 2015 at 1:50 am
Hello Guys,
I'm confronted with this problem: I have TDE backup one serverA
but There is no backup of certificates or keys from Server A. And no one knows the password used to create those backups. How do you restore the database XYZ at that time on Server B?
Thanks,
BR,
Hadrian
January 29, 2015 at 1:54 am
You cannot. That's the whole point of TDE.
If ServerA is not available any more, I guess you're out of luck.
-- Gianluca Sartori
January 29, 2015 at 1:55 am
You need the certificate.
The entire point of TDE is that a backup of a TDE protected database cannot be restored to any other server unless that server has the certificate.
If you can't back the certificate up om Server A, then you are in serious danger of losing that entire DB (what happens if server A dies)?
If that is the case, I would suggest you turn TDE off on that DB on server A, create new certificates back the certificate up to somewhere safe, re-encrypt the DB and then you can restore the certificate on other servers and restore the DB afterwards.
Gail Shaw
Microsoft Certified Master: SQL Server, MVP, M.Sc (Comp Sci)
SQL In The Wild: Discussions on DB performance with occasional diversions into recoverability
January 29, 2015 at 2:38 am
Thanks a lot ,
I have one more question If the key and certificate has been backed up on server A. But the password is forgotten. How do you restore the database XYZ at that time on Server B?
January 29, 2015 at 2:42 am
Take a new backup of the certificate. If you can't, see my earlier post about changing the certificate.
Gail Shaw
Microsoft Certified Master: SQL Server, MVP, M.Sc (Comp Sci)
SQL In The Wild: Discussions on DB performance with occasional diversions into recoverability
January 29, 2015 at 2:44 am
Thanks again Gila,
Have a nice day!
Hadrian
January 29, 2015 at 5:56 am
Hadrian (1/29/2015)
There is no backup of certificates or keys from Server A. And no one knows the password used to create those backups.
Having trouble understanding this, do you or do you not have a certificate backup?
If you do have a backup and don't know the password used to protect the private key then just create a new backup and store the new password securely. Remove the old backup to avoid confusion.
-----------------------------------------------------------------------------------------------------------
"Ya can't make an omelette without breaking just a few eggs" 😉
February 3, 2015 at 5:59 am
we dont have a cerificate or backup,everything is lost including the password.
February 3, 2015 at 6:01 am
What about the source server, where the database currently is? Or is that gone too?
What, exactly, is the situation with regard to this database?
Gail Shaw
Microsoft Certified Master: SQL Server, MVP, M.Sc (Comp Sci)
SQL In The Wild: Discussions on DB performance with occasional diversions into recoverability
February 3, 2015 at 6:53 am
Hi Gail,
The database server is up and the key and certificate has been backed up on server A. But the password is forgotten. we wish to restore on server B. There is a possibility to hack the password?
Thanks,
Hadrian
February 3, 2015 at 7:17 am
Once more with feeling....
Take a new backup of the certificate. If you can't, see my earlier post about changing the certificate.
The existing password on the existing certificate backup is irrelevant if you can take a *new* backup of the certificate and specify a new password upon doing so. Once you have taken a new backup of the certificate, then, since you know the password for that new backup, you can restore it to server B.
Gail Shaw
Microsoft Certified Master: SQL Server, MVP, M.Sc (Comp Sci)
SQL In The Wild: Discussions on DB performance with occasional diversions into recoverability
February 3, 2015 at 7:49 am
So in conclusion without password we cannot restore our encrypted database?
Thanks very much,
Hadrian
February 3, 2015 at 8:44 am
Hadrian (2/3/2015)
So in conclusion without password we cannot restore our encrypted database?Thanks very much,
Hadrian
Take a new backup of the certificate on the ServerA giving it a password you know.
Then restore this backup onto the ServerB.
-----------------------------------------------------------------------------------------------------------
"Ya can't make an omelette without breaking just a few eggs" 😉
February 3, 2015 at 9:16 am
only one new thing but we could restore on THE SAME server without password?
February 3, 2015 at 9:32 am
it seems clear that you do not understand the situation you are dealing with, I would highly recommend you seek help before you render the database inaccessible, you likely won't be popular if that happens
-----------------------------------------------------------------------------------------------------------
"Ya can't make an omelette without breaking just a few eggs" 😉
Viewing 15 posts - 1 through 15 (of 24 total)
You must be logged in to reply to this topic. Login to reply