Hi,
I implemented TDE on our Production Database environment. It is straightforward. I followed the set of scripts below:
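-- Create the database master key in master; it protects the certificate's private key
USE master;
CREATE MASTER KEY
ENCRYPTION BY PASSWORD = 'Pass@word1';
GO
-- Create the server certificate that will protect the database encryption key
USE master;
CREATE CERTIFICATE TDECert
WITH SUBJECT = 'TDE Certificate';
GO
-- Create the database to be encrypted
CREATE DATABASE mssqltips_tde;
GO
-- Create the database encryption key, protected by the server certificate
USE mssqltips_tde;
CREATE DATABASE ENCRYPTION KEY
WITH ALGORITHM = AES_256
ENCRYPTION BY SERVER CERTIFICATE TDECert;
GO
-- Turn on transparent data encryption for the database
ALTER DATABASE mssqltips_tde
SET ENCRYPTION ON;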
Now a new client of ours wants us to use SHA2. I see that the certificate's signature hash algorithm is SHA1. They need it changed to SHA2.
Please see here to check what I mean - http://screencast.com/t/JfpLoljI7
So it looks like the default hash algorithm used when we create the certificate using the above SQL is SHA1. How do I force SHA2 for this?
Thanks for your help.
- RM