I use the following to create certificate for database encryption.
use master
--create certificate
CREATE CERTIFICATE Cert4TDE WITH SUBJECT = 'Certificate for TDE';
GO
--back up certificate
BACKUP CERTIFICATE Cert4TDE TO FILE = 'E:\asd\Cert4TDE.crt'
WITH PRIVATE KEY ( FILE = 'E:\asd\privateKeyOfCert4TDE.pvk' ,
ENCRYPTION BY PASSWORD = 'P@ssword2' );
GO
Use [Test5]
GO
CREATE DATABASE ENCRYPTION KEY
WITH ALGORITHM = AES_256 --Supported encryption algorithms are AES with 128-bit, 192‑bit, or 256‑bit keys or 3 Key Triple DES
ENCRYPTION BY SERVER CERTIFICATE Cert4TDE
GO
ALTER DATABASE [Test5]
SET ENCRYPTION ON;
GO
After backuping T5 database and remove the certificate from SQL, I try importing certificate from file
create certificate Cert4TDE
from file = 'E:\asd\Cert4TDE.crt'
with private key
(file = 'E:\asd\privateKeyOfCert4TDE.pvk',
encryption by password = 'P@ssword2',
decryption by password = 'P@ssword2')
I expect that after importing the certificate, I can restore Test5 database, but it throws error : the certificate has a private key that is protected by a user defined password . what I am doing wrong?
