Azure Always Encrypted column encryption key cannot be found by Microsoft JDBC driver for Java after changing encryption key

Question

I am using Java with Spring Framework, connected to a SQL database through Microsoft JDBC Driver.

One of the tables in the database has a column that is encrypted with Azure Always Encrypted. I recently changed the encryption key of the column (decrypted data with old key, encrypted data with new key), and even though the Java service uses a client who is authenticated to access both column encryption keys, I get the message in the Java application:

SQL Error: 33294, SQLState: S0004

com.microsoft.sqlserver.jdbc.SQLServerException: Some parameters or columns of the batch require to be encrypted, but the corresponding column encryption key cannot be found. Use sp_refresh_parameter_encryption to refresh the module parameters metadata.

I have tried redeploying the service with no luck. I also tried to run the procedure sp_refresh_parameter_encryption, but it requires a module or a stored procedure as parameter, and I don't see any obvious stored procedure to give to it.

Answer 1

I found out that one or more procedures were cached using the old column encryption keys. By running the query

ALTER DATABASE SCOPED CONFIGURATION CLEAR PROCEDURE_CACHE;

the cache was cleared, the new keys were loaded and everything went fine.