【发布时间】:2011-07-12 02:32:24
【问题描述】:
我们想使用 SQL Server 加密来加密我们数据库中的几个列。我们还需要在生产环境和测试环境之间传输数据。似乎最好的解决方案是在生产和测试服务器上使用相同的主密钥、证书和对称密钥,这样我就可以在生产或测试环境中加密或解密列并获得相同的结果。
到目前为止,我已经尝试在两种环境中使用相同的创建脚本,但都不起作用。它在一台服务器上加密,但在数据传输到另一台服务器后没有在另一台服务器上解密:
use <database name>
CREATE MASTER KEY ENCRYPTION BY
PASSWORD = <password1>
use <database name>
CREATE CERTIFICATE <certificate name>
WITH SUBJECT = <certificate subject>
use <database name>
CREATE SYMMETRIC KEY <key name>
WITH ALGORITHM = AES_256
ENCRYPTION BY CERTIFICATE <certificate name>
我已经尝试在一台服务器上创建主密钥、证书和对称密钥,然后在另一台服务器上恢复它,这似乎没有创建密钥,因此也不起作用.
use <database name>
OPEN MASTER KEY DECRYPTION BY PASSWORD = <password1>
BACKUP MASTER KEY TO FILE = 'c:\masterkey.txt'
ENCRYPTION BY PASSWORD = <password2>
use <database name>
BACKUP CERTIFICATE <certificate name> TO FILE = 'c:\Cert.txt'
WITH PRIVATE KEY ( FILE = 'c:\Key.txt' ,
ENCRYPTION BY PASSWORD = <password3> )
use <database name>
RESTORE MASTER KEY
FROM FILE = 'c:\masterkey.txt'
DECRYPTION BY PASSWORD = <password2>
ENCRYPTION BY PASSWORD = <password1>
use <database name>
OPEN MASTER KEY DECRYPTION BY PASSWORD = <password1>
CREATE CERTIFICATE <certificate name>
FROM FILE = 'c:\Cert.txt'
WITH PRIVATE KEY (FILE = 'c:\Key.txt',
DECRYPTION BY PASSWORD = <password3>)
如何在一个 SQL Server 上加密并在另一个 SQL Server 上解密?
【问题讨论】:
标签: sql-server sql-server-2008 encryption cryptography