May 21, 2014 at 12:08 pm
Hi
Does anyone know the best steps to enable TDE without breaking mirroring. the database is mirrored now but need to enable TDE on principle and mirror database.
Thanks
December 9, 2014 at 12:57 pm
Check out this Blog:
http://ratecontrol.blogspot.com/2011/04/database-mirroring-with-transparent.html
December 9, 2014 at 4:11 pm
Never applied TDE to a mirror, cant see why this won't work though
You'll need to create a database master key on each instance if one doesn't already exist.
Once this is done you can create a certificate in the master database on the principal.
After you create the cert immediately take a backup and then restore it to the mirror instance.
Next, create a DEK key in the principal database on the principal instance.
Finally, alter the database and turn encryption on
However, I would be tempted to break the mirror first, setup TDE and then re mirror. You may check the encryption state using
select DB_NAME(database_id), encryption_state, percent_complete
from sys.dm_database_encryption_keys
-----------------------------------------------------------------------------------------------------------
"Ya can't make an omelette without breaking just a few eggs" 😉
Viewing 3 posts - 1 through 2 (of 2 total)
You must be logged in to reply to this topic. Login to reply