High Level Steps to enable TDE Create the DMK Create the TDE Cert Backup the TDE Cert Create the DEK Encrypt the DB Monitor Progress 1. Creating the Database Master Key (DMK) Symmetric key used to protect private keys and asymmetric keys Protected itself by Service Master Key (SMK), which is created by SQL Server setup Use syntax as follows: USE master; GO CREATE MASTER KEY ENCRYPTION BY PASSWORD = 'P@ssword1'; GO 2. Create Certificate Protected by DMK Protected by the DMK Used to protect the database encryption key Use syntax as follows: USE master; GO CREATE CERTIFICATE CompanyABCtdeCert WITH SUBJECT = 'CompanyABCTDE Certificate' ; GO 3. Backup Master Key and Cert Without a backup, data can be lost Backup creates two files, the Cert backup and the Private Key File Use following syntax: USE master; GO BACKUP CERTIFICATE CompanyABCtdeCert TO FILE = 'c:\Backup\BackupCompanyABCtdeCERT.cer' WITH PRIVATE KEY ( FILE = 'c:\Backup\Backu...
Idea, Thought, Opinion, Feedback, Challenges, Experiences on Microsoft platform.