This article is half-done without your Comment! *** Please share your thoughts via Comment ***
In the previous post, I shared basic details about the Transparent Data Encryption (TDE) of the SQL Server.
Whenever we are encrypting our data or database, we should enable the TDE on a SQL Server Database Level.
After enabling, It will encrypt data files, page files, and backup files of the database.
Below are the necessary steps and T-SQL script to enable TDE on a Database.
Steps:
Sample script to enable TDE:
Create the master key in Master Database:
1 2 3 4 |
USE Master GO CREATE MASTER KEY ENCRYPTION BY PASSWORD = 'dbrndSecured8*8'; GO |
Create a certificate:
1 2 |
CREATE CERTIFICATE SecurityCertificate WITH SUBJECT = 'dbrndSecuredCertificate'; GO |
Use the database to enable TDE:
1 2 |
USE Database_Name GO |
Associate the certificate to the Database:
1 2 3 4 |
CREATE DATABASE ENCRYPTION KEY WITH ALGORITHM = AES_128 ENCRYPTION BY SERVER CERTIFICATE SecurityCertificate; GO |
Enable encryption on the Database:
1 2 3 |
ALTER DATABASE Database_Name SET ENCRYPTION ON; GO |