It isn't the exact scenario but I wrote an article late last year about migrating from 2008R2 to Azure SQL database which caused problems because the encryption algorithm had changed...

You might need to bear in mind that as of SQL Server 2017 the encryption algorithm used when creating a symmetric key was changed from SHA1 to SHA2 which means...

Thanks for all your help with this. We've actually come up with another solution based on a couple of other things we came across when scouring the internet. On the...

Thanks Steve. The difference with your repro is the use of 2017. Looking at this article https://feedback.azure.com/forums/908035-sql-server/suggestions/33116269-identical-symmetric-keys-do-not-work-between-sql-s even with an existing certificate and using the same KEY_SOURCE, ALGORITHM and...

Thanks Steve, yes we're on Azure v12.

Thanks for your help so far. Unfortunately we've tried again and still can't get it to work. Here's what we did:

1. Created a new key on the source server using:

Thanks, we managed to get a little bit further but it turns out that the original key was created without a specified KEY_SOURCE or IDENTITY_VALUE which I think means we...

Thanks Steve. We had looked at trying to create the certificate from a backup but this article (https://docs.microsoft.com/en-us/sql/t-sql/statements/create-certificate-transact-sql?view=sql-server-ver15) says you can't create from a file in Azure SQL Database...

We've found that as long as the user accounts are actually migrated to the new domain rather than recreated then SID history takes care of everything and even though the...