Database Administrators Stack Exchange
Database Administrators Stack Exchange

Questions tagged [encryption]

The conversion of data into a form that cannot be easily understood by unauthorized users.

402 questions
23
votes
4 answers

SQL server service won’t start after disabling TLS 1.0 and SSL 3.0

Because of security reasons, we disabled TLS 1.0 and older protocols on our windows, and enabled just TLS 1.1 and TLS 1.2 under the following registry path: …
Jiri Mares
  • 331
  • 1
  • 2
  • 5
21
votes
2 answers

Query to List Encryption Certificate for Databases

What certificate is being used to encrypt each of the databases on the instances. I can get the data using the following but how do I write the queries USE master GO -- this provides the list of certificates SELECT * FROM sys.certificates -- this…
Barry MSIH
  • 313
  • 1
  • 2
  • 6
19
votes
4 answers

How can I check if connection to Sql Server is encrypted?

In SQL Server I can "Force Encryption" in protocols settings. If I leave that set to "No" any client can still require encryption. Can I somehow see what connections to the database are using encryption?
Mathias Rönnlund
  • 305
  • 1
  • 2
  • 7
18
votes
2 answers

How to use aes-encryption in PostgreSQL?

I tried aes-encryption by using following statement: SELECT encrypt('test', 'key', 'aes'); which worked, but I am not able to decrypt the value. I inserted it in a field of datatype bytea but I'm not sure if that was the right way. SELECT…
32bitfloat
  • 647
  • 3
  • 9
  • 18
17
votes
3 answers

When do I need to backup the Service Master Key?

I'm reading some documentation and whitepaper about Transparent Data Encryption. Some documentation mention to backup the Service Master Key as well (For clarification I'm not talking about the Database Master Key). I just don't exactly understand…
gsharp
  • 347
  • 4
  • 14
16
votes
5 answers

MySQL SSL error: Unable to get private key

Getting an error while trying to enable encryption: [ERROR] SSL error: Unable to get private key from '/etc/mysql/ssl/nginx.key' [Warning] Failed to set up SSL because of the following SSL library error: Unable to get private…
Velkan
  • 411
  • 1
  • 3
  • 8
13
votes
1 answer

How can I know what hashing algorithm SQL Server used to decrypt the encrypted data when using the function DECRYPTBYPASSPHRASE?

My question is related to the following experiment with two instances: SQL Server 2017 Express instance (Microsoft SQL Server 2017 (RTM-CU16)) SQL Server 2014 Express instance (Microsoft SQL Server 2014 (SP2-CU18)) I used the function…
Ronaldo
  • 6,017
  • 2
  • 13
  • 43
12
votes
2 answers

Restoring encrypted database on another server (using Backup Encryption)

I have two SQL Server instances on same machine. I want to create an encrypted backup on one of the databases and then restore it on the second instance. I am doing the following steps: Create and backup database master key in the master database…
gotqn
  • 4,348
  • 11
  • 52
  • 91
11
votes
1 answer

"Force Encryption" vs "Force Protocol Encryption" in SQL Server

I'm trying to understand how the different settings affect the behaviour of my server-client communication. On the server I have installed a self-signed CA with an issued exchange cert which also has been configured to be used by my SQL service. At…
Andreas Zita
  • 259
  • 1
  • 2
  • 8
11
votes
4 answers

Is there a quick way to find all columns in SQL Server 2008 R2 that are encrypted/have encrypted data?

Is there a quick way to find all columns in SQL Server 2008 R2 that are encrypted/have encrypted data? I need to nullify the data in all encrypted columns in a development server (according to our business rules). I know most of the columns because…
efesar
  • 1,072
  • 1
  • 6
  • 12
10
votes
3 answers

Can I recover a TDE certificate by restoring the MASTER database?

(We are, fortunately, not currently in this situation, just planning ahead to see what our options would be if it ever occurred.) For a database encrypted with Transparent Date Encryption (TDE), a copy of the database backup is unrecoverable unless…
BradC
  • 10,073
  • 9
  • 51
  • 89
10
votes
1 answer

Why does SQL Server require a private key to encrypt a backup?

I am setting up an experiment where I only have the public key portion of a certificate on the server. The certificate was generated on another server and I did not restore the private key. When I try to backup a database with encryption using that…
kirchner
  • 318
  • 1
  • 8
10
votes
2 answers

Error: "The certificate cannot be dropped because one or more entities are either signed or encrypted using it."

I have a certificate I would like to remove from the database. If I issue the command DROP CERTIFICATE I get the error The certificate cannot be dropped because one or more entities are either signed or encrypted using it According to…
Geoff Dawdy
  • 1,143
  • 7
  • 23
  • 53
10
votes
2 answers

TDE prep: key/certificate backup for restores

I am working in a dev environment to better understand TDE encryption. I have it working along with backups and restores on another server. Had a few questions, I know I need to backup the certificate with the corresponding private key. USE master;…
Thorin
  • 320
  • 4
  • 14
9
votes
2 answers

How to restore symmetric key on the new database?

I have an issue with symmetric key restoring on the another database. I have table in the first(old) database with encrypted column.(The table contains encrypted data) The key in the old database has been created with the next sql script: CREATE…
k0lpak
  • 193
  • 1
  • 1
  • 5
1
2 3
26 27