FIX: You cannot restore a backup of a database on another instance of SQL Server if you disable transparent data encryption before you create the backup in SQL Server 2008 or in SQL Server 2008 R2

Article ID: 2300689 - View products that this article applies to.
Microsoft distributes Microsoft SQL Server 2008 and Microsoft SQL Server 2008 R2 fixes as one downloadable file. Because the fixes are cumulative, each new release contains all the hotfixes and all the security fixes that were included with the previous SQL Server 2008 or SQL Server 2008 R2 fix release.
Expand all | Collapse all

On This Page

SYMPTOMS

Consider the following scenario:
  • You use transparent data encryption on a database in SQL Server 2008 or in Microsoft SQL Server 2008 R2.
  • You disable encryption for the database.
  • You back up the database immediately after you disable encryption.
  • You try to restore the database on another instance of SQL Server by using the backup.
In this scenario, the restore operation fails, and you receive an error message that resembles the following:
System.Data.SqlClient.SqlError: The file "<database name>_log" failed to initialize correctly. Examine the error logs for more details. (Microsoft.SqlServer.Smo)
However, the error log has no details.

If you remove the encryption key for the database before you back up the database, you receive the following error message when you try to restore the database:
System.Data.SqlClient.SqlError: Cannot find server certificate with thumbprint '0xCB62FF76463A6BF86E8F769B541BA6483AFC2FF2'. (Microsoft.SqlServer.Smo)
Back to the top | Give Feedback

RESOLUTION

Cumulative update information

SQL Server 2008 Service Pack 1

The fix for this issue was first released in Cumulative Update 10 for SQL Server 2008 Service Pack 1. For more information about this cumulative update package, click the following article number to view the article in the Microsoft Knowledge Base:
2279604
(http://support.microsoft.com/kb/2279604/LN/ )
Cumulative update package 10 for SQL Server 2008 Service Pack 1
Note Because the builds are cumulative, each new fix release contains all the hotfixes and all the security fixes that were included with the previous SQL Server 2008 fix release. Microsoft recommends that you consider applying the most recent fix release that contains this hotfix. For more information, click the following article number to view the article in the Microsoft Knowledge Base:
970365
(http://support.microsoft.com/kb/970365/LN/ )
The SQL Server 2008 builds that were released after SQL Server 2008 Service Pack 1 was released
Microsoft SQL Server 2008 hotfixes are created for specific SQL Server service packs. You must apply a SQL Server 2008 Service Pack 1 hotfix to an installation of SQL Server 2008 Service Pack 1. By default, any hotfix that is provided in a SQL Server service pack is included in the next SQL Server service pack.

SQL Server 2008 Service Pack 2

The fix for this issue was first released in Cumulative Update 1 for SQL Server 2008 Service Pack 2. For more information about this cumulative update package, click the following article number to view the article in the Microsoft Knowledge Base:
2289254
(http://support.microsoft.com/kb/2289254/ )
Cumulative update 1 for SQL Server 2008 Service Pack 2
Note Because the builds are cumulative, each new fix release contains all the hotfixes and all the security fixes that were included with the previous SQL Server 2008 fix release. We recommend that you consider applying the most recent fix release that contains this hotfix. For more information, click the following article number to view the article in the Microsoft Knowledge Base:
2402659
(http://support.microsoft.com/kb/2402659]/ )
The SQL Server 2008 builds that were released after SQL Server 2008 Service Pack 2 was released

SQL Server 2008 R2

The fix for this issue was first released in Cumulative Update 4. For more information about how to obtain this cumulative update package for SQL Server 2008 R2, click the following article number to view the article in the Microsoft Knowledge Base:
2345451
(http://support.microsoft.com/kb/2345451/ )
Cumulative Update package 4 for SQL Server 2008 R2
Note Because the builds are cumulative, each new fix release contains all the hotfixes and all the security fixes that were included with the previous SQL Server 2008 R2 fix release. We recommend that you consider applying the most recent fix release that contains this hotfix. For more information, click the following article number to view the article in the Microsoft Knowledge Base:
981356
(http://support.microsoft.com/kb/981356/ )
The SQL Server 2008 R2 builds that were released after SQL Server 2008 R2 was released

Back to the top | Give Feedback

STATUS

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.
Back to the top | Give Feedback

Steps to reproduce the problem

  1. Create a master key. The following is a sample of code that creates a master key: 
    use master
Create Master Key encryption by password = 'Password01!';
go
  2. Create or obtain a certificate protected by the master key. The following is a sample of code that creates a certificate protected by a master key: 
    create certificate cert_testDB_encryptDEK  authorization dbo
with subject='Certificate to encrypt the DEK of testDB'
  3. Create a new database, create a database encryption key, and then protect the key by the certificate. The following is a sample of code that creates a new database, that creates a database encryption key, and then that protects the key by using a certificate: 
    create Database testDB
use testDB
Create database encryption key 
with algorithm=AES_128
encryption by server certificate cert_testDB_encryptDEK
  4. Set the database to use encryption. The following is a sample of code that sets a database to use encryption: 
    Alter database testDB set encryption on
  5. Disable encryption for the database. The following is a sample of code that disables encryption for a database: 
    Alter database testDB set encryption off
  6. Back up the database, and then restore the backup on another version of SQL Server.
Back to the top | Give Feedback

REFERENCES

For more information about Transparent Data Encryption (TDE), visit the following Microsoft Developer Network (MSDN) website:
General information about TDE
(http://msdn.microsoft.com/en-us/library/bb934049.aspx)
For more information about the Incremental Servicing Model for SQL Server, click the following article number to view the article in the Microsoft Knowledge Base:
935897
(http://support.microsoft.com/kb/935897/ )
An Incremental Servicing Model is available from the SQL Server team to deliver hotfixes for reported problems
For more information about the naming schema for SQL Server updates, click the following article number to view the article in the Microsoft Knowledge Base:
822499
(http://support.microsoft.com/kb/822499/ )
New naming schema for Microsoft SQL Server software update packages
For more information about software update terminology, click the following article number to view the article in the Microsoft Knowledge Base:
824684
(http://support.microsoft.com/kb/824684/ )
Description of the standard terminology that is used to describe Microsoft software updates
Back to the top | Give Feedback

Properties

Article ID: 2300689 - Last Review: November 15, 2010 - Revision: 5.0
APPLIES TO
  • Microsoft SQL Server 2008 Enterprise
  • Microsoft SQL Server 2008 Developer
  • Microsoft SQL Server 2008 Standard
  • Microsoft SQL Server 2008 Standard Edition for Small Business
  • Microsoft SQL Server 2008 Workgroup
  • Microsoft SQL Server 2008 R2 Datacenter
  • Microsoft SQL Server 2008 R2 Developer
  • Microsoft SQL Server 2008 R2 Enterprise
  • Microsoft SQL Server 2008 R2 Standard
  • Microsoft SQL Server 2008 R2 Workgroup
Keywords: 
kbqfe kbfix kbsurveynew kbexpertiseadvanced KB2300689
Back to the top | Give Feedback

Give Feedback

 
Back to the topBack to the top