--DROP CERTIFICATE qanholasCert
--DROP DATABASE ENCRYPTION KEY
--DROP MASTER KEY
USE master
GO
CREATE MASTER KEY ENCRYPTION BY PASSWORD = '123456'
CREATE CERTIFICATE qanholasCert
WITH SUBJECT = 'The Certificate for qanholas database'
USE qanholas
GO
CREATE DATABASE ENCRYPTION KEY
WITH ALGORITHM = AES_128
ENCRYPTION BY SERVER CERTIFICATE qanholasCert
GO
--BACKUP LOG qanholas TO DISK='c:\1.log'
ALTER DATABASE qanholas
SET ENCRYPTION on
BACKUP DATABASE qanholas
TO DISK = 'C:\qanholas_encrypted.bak'
WITH INIT, STATS = 10
警告: 用于对数据库加密密钥进行加密的证书尚未备份。应当立即备份该证书以及与该证书关联的私钥。
如果该证书不可用,或者您必须在另一台服务器上还原或附加数据库,则必须对该证书和私钥均进行备份,
否则将无法打开该数据库。
USE master
GO
BACKUP CERTIFICATE qanholasCert
TO FILE = 'C:\qanholasCert.cer'
WITH PRIVATE KEY (FILE = 'C:\qanholasCert_Key.pvk' ,
ENCRYPTION BY PASSWORD = 'mY_P@$$w0rd' )
GO
USE master
GO
CREATE MASTER KEY ENCRYPTION BY PASSWORD = 'EnKrYpt3d_P@$$w0rdSS'
GO
