Please start any new threads on our new
site at https://forums.sqlteam.com. We've got lots of great SQL Server
experts to answer whatever question you can come up with.
| Author |
Topic |
|
cedubose
Starting Member
22 Posts |
 Posted - 2006-05-02 : 13:51:59
|
I am just wondering if there would be a problem in basically copying a database from one server to another (using a restore of a backup) if the database has some encrypted fields.I presume the symmetric keys, certificates, and master key will be restored correctly. The thing I am worried about is the Service Master Key. The SMK is used to encrypt the database master keys, so if it is different from the one on the old server, I anticipate there might be a problem.As I understand it, the SMK is created using the login credentials of the service that runs it. Does that mean if SQL Server runs on the same service on both servers, the SMK will be the same? On both servers the database seems to be running on LocalSystem. As far as I know, that's the only credential -- there is no password.If anyone could give me some enlightenment, I would be most appreciative!  Cynthia |
|
|
Kristen
Test
22859 Posts |
Posted - 2006-05-02 : 14:06:27
|
| I can't think of anything that is part of SQL Server which is encrypted which will break after doing a Restore on a new server (but you will need to re-synchronise the Database Users with the Server Logins).The only two things I can think of which are encrypted are the Login Passwords and any SProcs, Triggers, Views, etc. which used the ENCRYPTED keyword when they were created, but from your question it sounds like you are thinking of something else, which might imply something relating to a 3rd Party - can you clarify a bit more what you have that is encrypted please?Kristen |
 |
|
|
cedubose
Starting Member
22 Posts |
Posted - 2006-05-02 : 19:19:16
|
| Actually, I did an experiment where I recreated the master key, certificate, and symmetric key on the new server using backups or identical parameters from the old server. Then I tried to decrypt, on the new server, something that I had encrypted on the old server. It decrypted correctly -- which tells me I basically don't have to worry about the Service Master Key.So, I guess I have answered my own question -- thanks anyway!Cynthia |
|
|
|
|
|
|
|
|
Moving DB to another server -- encryption concerns