Scribd Logo
Upload

Welcome to Scribd!

  • TDE Example

    Uploaded by

    bhatroopa73
    3 views1 page
    The document creates a master key and certificate in the master database to encrypt the NuggetDemoDB database. It then creates an encryption key for NuggetDemoDB protected by the certificate and encrypts the database. Finally, it backs up the certificate and private key to file and recreates the certificate from the backup.

    Original Description:

    Original Title

    TDE example

    Copyright

    © © All Rights Reserved

    Available Formats

    TXT, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    The document creates a master key and certificate in the master database to encrypt the NuggetDemoDB database. It then creates an encryption key for NuggetDemoDB protected by the certificate and encrypts the database. Finally, it backs up the certificate and private key to file and recreates the certificate from the backup.

    Copyright:

    © All Rights Reserved
    Download as TXT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    3 views1 page

    TDE Example

    Uploaded by

    bhatroopa73
    The document creates a master key and certificate in the master database to encrypt the NuggetDemoDB database. It then creates an encryption key for NuggetDemoDB protected by the certificate and encrypts the database. Finally, it backs up the certificate and private key to file and recreates the certificate from the backup.

    Copyright:

    © All Rights Reserved
    Download as TXT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 1

    USE master

    GO

    --Create master key


    CREATE MASTER KEY ENCRYPTION BY PASSWORD = 'm@5te7P@55w0rd'
    GO

    --Create certificate used for database encryption


    CREATE CERTIFICATE ServerCert WITH SUBJECT = 'TDE Server Cert'
    GO

    USE NuggetDemoDB
    GO

    --Create database encryption key (DEK) and protect using certificate


    CREATE DATABASE ENCRYPTION KEY WITH ALGORITHM = AES_128
    ENCRYPTION BY SERVER CERTIFICATE ServerCert
    GO

    --Encrypt database
    ALTER DATABASE NuggetDemoDB
    SET ENCRYPTION ON
    GO

    --Dynamic Management View to see encryption state


    SELECT * FROM sys.dm_database_encryption_keys

    USE master
    GO

    --Backup certificate stored in master database


    BACKUP CERTIFICATE ServerCert TO FILE = 'TDE Server Cert'
    WITH PRIVATE KEY (
    FILE = 'PrivateKeyFile',
    ENCRYPTION BY PASSWORD = '\o/_P@55w0rd_\o/'
    )
    GO

    --Recreate certificate
    CREATE CERTIFICATE TestSQLServerCert FROM FILE = 'TDE Server Cert'
    WITH PRIVATE KEY (
    FILE = 'PrivateKeyFile',
    DECRYPTION BY PASSWORD = '\o/_P@55w0rd_\o/'
    )
    GO

    You might also like