June 14, 2018 at 3:56 am
Environment: Win2008 R2 / SQL Server 2008 R2 SP3 on Azure VM (IaaS)
Issue: Can I store TDE and CLE certificate and private key files in Azure Key Vault.
So far I have set TDE and CLE in one database. I have then backed up the associated cert/key files locally. I have then used powershell to moved these files to Azure Blob Storage. However I am wondering what is the most secure (if possible) process of getting the files into Azure Key Vault or have I got this wrong and the AKV is to create the keys itself and not to import them.
I know this process is a lot easier with SQL 2016, however stuck with 2008 R2 for now.
Cheers
qh
June 15, 2018 at 10:09 am
CLE - column level encryption?
I think you want this: https://docs.microsoft.com/en-us/sql/relational-databases/security/encryption/extensible-key-management-using-azure-key-vault-sql-server?view=sql-server-2017
EKM should be valid in R2.
Viewing 2 posts - 1 through 2 (of 2 total)
You must be logged in to reply to this topic. Login to reply