How to encrypt on one SQL Server and decrypt on another?

Question

We would like to use SQL Server Encryption to encrypt a couple of columns within our databases. We also need to transfer data between our production and test environment. It seems like the best solution would be to use the same master key, certificate, and symmetric key on the production and test servers so that I could encrypt or decrypt the columns in either production or test environments with the same results.

So far I have tried using the same create script in both environments which did not work. It encrypted on one server but did not decrypt on the other after data was transferred to the other server:

use 
CREATE MASTER KEY ENCRYPTION BY 
   PASSWORD = 

use 
CREATE CERTIFICATE 
   WITH SUBJECT = 

use 
CREATE SYMMETRIC KEY 
    WITH ALGORITHM = AES_256
    ENCRYPTION BY CERTIFICATE

And I have tried creating the master key, certificate, and symmetric key on one server and then restoring it on the other which doesn’t seem to create the key and therefore doesn’t work either.

use 
OPEN MASTER KEY DECRYPTION BY PASSWORD = 
BACKUP MASTER KEY TO FILE = 'c:\masterkey.txt' 
    ENCRYPTION BY PASSWORD = 

use 
BACKUP CERTIFICATE  TO FILE = 'c:\Cert.txt'
    WITH PRIVATE KEY ( FILE = 'c:\Key.txt' , 
    ENCRYPTION BY PASSWORD =  )

use 
RESTORE MASTER KEY 
    FROM FILE = 'c:\masterkey.txt' 
    DECRYPTION BY PASSWORD = 
    ENCRYPTION BY PASSWORD = 

use 
OPEN MASTER KEY DECRYPTION BY PASSWORD = 
CREATE CERTIFICATE 
    FROM FILE = 'c:\Cert.txt'
    WITH PRIVATE KEY (FILE = 'c:\Key.txt', 
    DECRYPTION BY PASSWORD = )

How can I encrypt on one SQL Server and decrypt on another?

adam0101 · Accepted Answer

We found that when encrypting on the first server, you create the symmetric key specifying the key source and the identity value. Then when decrypting on the other server, you specify the same key source and identity value when creating that symmetric key.

How to encrypt on one SQL Server and decrypt on another?

Answers (1)

Related Questions