February 3, 2015 at 9:40 am
Install SQL Server Binaries on Server B (exact same build including all hotfix and patches as server A)
Move or copy the backup of the server certificate and the private key file from the source server to the same location on the destination server.
Restore the Master Database on a server B (SAME BUILD), This includes the master Key and certificate
https://support.microsoft.com/kb/264474
Restore the Encrypted Database
this it works?
February 3, 2015 at 9:47 am
This is working?
Install SQL Server Binaries on Server B (exact same build including all hotfix and patches as server A)
Move or copy the backup of the server certificate and the private key file from the source server to the same location on the destination server.
Restore the Master Database on a server B (SAME BUILD), This includes the master Key and certificate
Restore encrypted database
this is a new scenario
February 3, 2015 at 1:37 pm
Hadrian (2/3/2015)
So in conclusion without password we cannot restore our encrypted database?Thanks very much
Are you reading anything I write?
Server A is online and working.
Server A contains a working, accessible copy of the database
Is that correct?
If so, then the fact that you don't know the password to the backup of the certificate is completely irrelevant! Please turn TDE off on that database until you've had time to read up on how encryption works, how certificates work and have had time to practice backing up and restoring of certificate and database.
To be clear, that has nothing to do with backups of anything. On ServerA, run an alter database and turn encryption off. Otherwise if you insist on proceeding with the current poor understanding of how TDE and certificates actually work, you are very likely to cause the complete loss of that database.
Gail Shaw
Microsoft Certified Master: SQL Server, MVP, M.Sc (Comp Sci)
SQL In The Wild: Discussions on DB performance with occasional diversions into recoverability
February 3, 2015 at 1:39 pm
Hadrian (2/3/2015)
Install SQL Server Binaries on Server B (exact same build including all hotfix and patches as server A)Move or copy the backup of the server certificate and the private key file from the source server to the same location on the destination server.
Restore the Master Database on a server B (SAME BUILD), This includes the master Key and certificate
https://support.microsoft.com/kb/264474
Restore the Encrypted Database
this it works?
No. That will not work.
Just turn the damn encryption off on the database on Server A. That or follow Perry's advice and get someone in that understands this stuff.
Gail Shaw
Microsoft Certified Master: SQL Server, MVP, M.Sc (Comp Sci)
SQL In The Wild: Discussions on DB performance with occasional diversions into recoverability
February 3, 2015 at 3:15 pm
I try to understand how the TDE it's working,i begin to test restore on another server,I've just received this new situations ,TDE could not be turn off.
Thanks for you time,
Hadrian
February 3, 2015 at 4:27 pm
Hadrian (2/3/2015)
TDE could not be turn off.
Did you receive any error message??
-----------------------------------------------------------------------------------------------------------
"Ya can't make an omelette without breaking just a few eggs" 😉
February 4, 2015 at 1:50 am
first success to restore the database on the server B with a new certificate backup and new password taken from server A(as you said).
Now it remains to test what managers asked in order to restore master database .
Thanks,
Hadrian
February 4, 2015 at 6:18 am
do not restore the master database from one instance to another, you have been warned!!!!
-----------------------------------------------------------------------------------------------------------
"Ya can't make an omelette without breaking just a few eggs" 😉
February 4, 2015 at 6:34 am
Thanks Perry,
Is just for test(managers asked to try this operation) .Please could you me an argument why?
February 4, 2015 at 9:00 am
Hadrian (2/4/2015)
Thanks Perry,Is just for test(managers asked to try this operation) .Please could you me an argument why?
It is not supported by Microsoft. The master database is unique to the instance where it is installed, it has all sorts of content embedded inside, at the very least you'll lose the ability to encrypt\unencrypt any linked servers and remote login credentials. Don't do it, the people asking you to obviously have no idea of the ramifications
-----------------------------------------------------------------------------------------------------------
"Ya can't make an omelette without breaking just a few eggs" 😉
Viewing 10 posts - 16 through 24 (of 24 total)
You must be logged in to reply to this topic. Login to reply