We would like to use SQL Server encryption to encrypt multiple columns in our databases. We also need to transfer data between our production and test environments. It seems like the best solution would be to use the same master key, certificate, and symmetric key on production and test servers so that I can encrypt or decrypt columns in production or test environments with the same results.
So far, I have been trying to use the same create script in both environments that did not work. It is encrypted on one server, but not decrypted on another, after transferring data to another server:
use <database name>
CREATE MASTER KEY ENCRYPTION BY
PASSWORD = <password1>
use <database name>
CREATE CERTIFICATE <certificate name>
WITH SUBJECT = <certificate subject>
use <database name>
CREATE SYMMETRIC KEY <key name>
WITH ALGORITHM = AES_256
ENCRYPTION BY CERTIFICATE <certificate name>
, , , , , , , .
use <database name>
OPEN MASTER KEY DECRYPTION BY PASSWORD = <password1>
BACKUP MASTER KEY TO FILE = 'c:\masterkey.txt'
ENCRYPTION BY PASSWORD = <password2>
use <database name>
BACKUP CERTIFICATE <certificate name> TO FILE = 'c:\Cert.txt'
WITH PRIVATE KEY ( FILE = 'c:\Key.txt' ,
ENCRYPTION BY PASSWORD = <password3> )
use <database name>
RESTORE MASTER KEY
FROM FILE = 'c:\masterkey.txt'
DECRYPTION BY PASSWORD = <password2>
ENCRYPTION BY PASSWORD = <password1>
use <database name>
OPEN MASTER KEY DECRYPTION BY PASSWORD = <password1>
CREATE CERTIFICATE <certificate name>
FROM FILE = 'c:\Cert.txt'
WITH PRIVATE KEY (FILE = 'c:\Key.txt',
DECRYPTION BY PASSWORD = <password3>)
SQL Server ?