首頁 > 開發者 > SQL Server
標籤:
一,加密過程
(1)切換到master下:
use master;
(2)根據一段自訂密碼建立主要金鑰:
CREATE MASTER KEY ENCRYPTION BY PASSWORD = ‘密碼‘;
(3)建立主要金鑰認證,主題任意填:
CREATE CERTIFICATE 認證名 WITH SUBJECT = ‘測試主題‘;
(4)切換到要加密的庫下:
use 使用者資料庫;
(5)根據密碼編譯演算法和認證建立資料庫密鑰:
CREATE DATABASE ENCRYPTION KEY WITH ALGORITHM = AES_128 ENCRYPTION BY SERVER CERTIFICATE 認證名;
(6)開啟該庫的加密狀態:
ALTER DATABASE 使用者資料庫 SET ENCRYPTION ON;
------------------------------------------------------------------
二,備份與還原
(1)備份主要金鑰在指定目錄中:
BACKUP MASTER KEY TO FILE = ‘d:\storedkeys\weifang\masterkey‘ ENCRYPTION BY PASSWORD = ‘密碼‘
(2)備份認證:
BACKUP CERTIFICATE 認證名 TO FILE = ‘d:\storedcerts\weifang\sdjslcert‘; :
(3)還原master key:
use master
RESTORE MASTER KEY FROM FILE = ‘d:\storedkeys\weifang\masterkey‘
DECRYPTION BY PASSWORD = ‘密碼‘
ENCRYPTION BY PASSWORD = ‘密碼‘;
--因為我這裡還留有原來的認證,所以會提示如下資訊:
--The old and new master keys are identical. No data re-encryption is required.
(4)還原認證
CREATE CERTIFICATE 認證名
FROM FILE = ‘d:\storedcerts\sdjslcert‘
GO
--因為認證已經存在,所以提示如下資訊:
--A certificate with name ‘MyServerCert2‘ already exists or this certificate already has been added to the database.
--需要注意的是認證並不是按照認證名來區分的。我原來的認證名叫做MyServerCert,此處建立的認證名為MyServerCert2,但是是來自MyServerCert的一個備份,還是報錯。
sql server透明資料加密
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
