两年前,我在 SQL Server 2008 中使用以下代码加密(TDE)数据库
USE MASTER;
CREATE MASTER KEY ENCRYPTION BY PASSWORD = 'Strong Password'
GO
USE MASTER;
CREATE CERTIFICATE DB_CER WITH SUBJECT = 'DB Certificate'
GO
USE DB
GO
CREATE DATABASE ENCRYPTION KEY WITH
ALGORITHM = AES_256 ENCRYPTION BY
SERVER CERTIFICATE DB_CER ;
GO
USE DB
ALTER DATABASE DB
SET ENCRYPTION ON ;
GO
USE master;
GO
BACKUP CERTIFICATE DB_CER
TO FILE = 'c:\Backup\certificate_DB_Certificate.cer'
WITH PRIVATE KEY
(FILE = 'c:\Backup\certificate_DB_Key.pvk',
ENCRYPTION BY PASSWORD = 'Strong Password')
我对 DB 数据库和 certificate_DB_Certificate.cer 和 certificate_DB_Key.pvk 进行了完整备份,并将其保存到我的硬盘上。两年后,我用不同的电脑恢复了 MASTER KEY 和 CERTIFICATE,所以我可以恢复备份文件
CREATE CERTIFICATE DB_CER
FROM FILE = 'D:\Backup\certificate_DB_Certificate.cer'
WITH PRIVATE KEY (FILE = 'D:\Backup\certificate_OCV_DB_Key.pvk',
DECRYPTION BY PASSWORD = 'Strong Password')
运行代码后,我收到了这条消息
警告:您创建的证书已过期。
因此,我删除了证书并将 PC 日期更改为 2015/Jun(创建证书的日期)然后我使用成功完成的命令再次重新创建证书,但是当我恢复备份文件时,我收到了这条消息
还原数据库“DB”失败。
(Microsoft.SqlServer.Management.RelationalEngineTasks) System.Data.SqlClient.SqlError:找不到带有指纹“0xFC01AD2683E08A4C8CD6A0F037DC66A945FBA44D”的服务器证书。(Microsoft.SqlServer.SmoExtended)
有什么建议么?