Quantcast
Channel: SQL Server Replication forum
Viewing all articles
Browse latest Browse all 4054

Questions on TDE ?

$
0
0

Hi All,

I have some questions related to SQL 2008 EE feature Transparent Data encryption (TDE).
While implementing TDE we create a certificate in master database as follows and immediately take the backup of it.

use master
go
CREATE CERTIFICATE TDECert WITH SUBJECT = 'Test TDE Certificate'
go

Question 1)

By default expiry date of the certificate is 1 year.Now let’s say, my certificate is expired, then what happens?
Even further, since certificate is expired, if I say, ALTER DATABASE <DBname> SET ENCRYPTION OFF; will I get back my original plaintext or my data is LOST? For certificate expiry date what are the measures to be taken care ? Usually, what value is set for expiry_Date?


Question 2) For some reason, If I lost my certificate or it got corrupted , how can i get my original data ?
Will ALTER DATABASE <DBname> SET ENCRYPTION OFF; would help in any way or no use?

Question 3) if the database is already in AG. let's say db1, now I implemented TDE on primary , before enabling the TDE on primary, do i need to remove that database from AG?,
then implement TDE and then add it back to AG?

Thanks,

Sam


Viewing all articles
Browse latest Browse all 4054

Trending Articles



<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>