FIX: You cannot restore a backup of a database on another instance of SQL Server if you disable transparent data encryption before you create the backup in SQL Server 2008 or in SQL Server 2008 R2

Article translations Article translations
Article ID: 2300689 - View products that this article applies to.
Microsoft distributes Microsoft SQL Server 2008 and Microsoft SQL Server 2008 R2 fixes as one downloadable file. Because the fixes are cumulative, each new release contains all the hotfixes and all the security fixes that were included with the previous SQL Server 2008 or SQL Server 2008 R2 fix release.
Expand all | Collapse all

On This Page

SYMPTOMS

Consider the following scenario:
  • You use transparent data encryption on a database in SQL Server 2008 or in Microsoft SQL Server 2008 R2.
  • You disable encryption for the database.
  • You back up the database immediately after you disable encryption.
  • You try to restore the database on another instance of SQL Server by using the backup.
In this scenario, the restore operation fails, and you receive an error message that resembles the following:
System.Data.SqlClient.SqlError: The file "<database name>_log" failed to initialize correctly. Examine the error logs for more details. (Microsoft.SqlServer.Smo)
However, the error log has no details.

If you remove the encryption key for the database before you back up the database, you receive the following error message when you try to restore the database:
System.Data.SqlClient.SqlError: Cannot find server certificate with thumbprint '0xCB62FF76463A6BF86E8F769B541BA6483AFC2FF2'. (Microsoft.SqlServer.Smo)

RESOLUTION

Cumulative update information

SQL Server 2008 Service Pack 1

The fix for this issue was first released in Cumulative Update 10 for SQL Server 2008 Service Pack 1. For more information about this cumulative update package, click the following article number to view the article in the Microsoft Knowledge Base:
2279604 Cumulative update package 10 for SQL Server 2008 Service Pack 1
Note Because the builds are cumulative, each new fix release contains all the hotfixes and all the security fixes that were included with the previous SQL Server 2008 fix release. Microsoft recommends that you consider applying the most recent fix release that contains this hotfix. For more information, click the following article number to view the article in the Microsoft Knowledge Base:
970365 The SQL Server 2008 builds that were released after SQL Server 2008 Service Pack 1 was released
Microsoft SQL Server 2008 hotfixes are created for specific SQL Server service packs. You must apply a SQL Server 2008 Service Pack 1 hotfix to an installation of SQL Server 2008 Service Pack 1. By default, any hotfix that is provided in a SQL Server service pack is included in the next SQL Server service pack.

SQL Server 2008 Service Pack 2

The fix for this issue was first released in Cumulative Update 1 for SQL Server 2008 Service Pack 2. For more information about this cumulative update package, click the following article number to view the article in the Microsoft Knowledge Base:
2289254 Cumulative update 1 for SQL Server 2008 Service Pack 2
Note Because the builds are cumulative, each new fix release contains all the hotfixes and all the security fixes that were included with the previous SQL Server 2008 fix release. We recommend that you consider applying the most recent fix release that contains this hotfix. For more information, click the following article number to view the article in the Microsoft Knowledge Base:
2402659 The SQL Server 2008 builds that were released after SQL Server 2008 Service Pack 2 was released

SQL Server 2008 R2

The fix for this issue was first released in Cumulative Update 4. For more information about how to obtain this cumulative update package for SQL Server 2008 R2, click the following article number to view the article in the Microsoft Knowledge Base:
2345451 Cumulative Update package 4 for SQL Server 2008 R2
Note Because the builds are cumulative, each new fix release contains all the hotfixes and all the security fixes that were included with the previous SQL Server 2008 R2 fix release. We recommend that you consider applying the most recent fix release that contains this hotfix. For more information, click the following article number to view the article in the Microsoft Knowledge Base:
981356 The SQL Server 2008 R2 builds that were released after SQL Server 2008 R2 was released

STATUS

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.

Steps to reproduce the problem

  1. Create a master key. The following is a sample of code that creates a master key:
    use master
    Create Master Key encryption by password = 'Password01!';
    go
  2. Create or obtain a certificate protected by the master key. The following is a sample of code that creates a certificate protected by a master key:
    create certificate cert_testDB_encryptDEK  authorization dbo
    with subject='Certificate to encrypt the DEK of testDB'
  3. Create a new database, create a database encryption key, and then protect the key by the certificate. The following is a sample of code that creates a new database, that creates a database encryption key, and then that protects the key by using a certificate:
    create Database testDB
    use testDB
    Create database encryption key 
    with algorithm=AES_128
    encryption by server certificate cert_testDB_encryptDEK  
    
  4. Set the database to use encryption. The following is a sample of code that sets a database to use encryption:
    Alter database testDB set encryption on 
    
  5. Disable encryption for the database. The following is a sample of code that disables encryption for a database:
    Alter database testDB set encryption off 
    
  6. Back up the database, and then restore the backup on another version of SQL Server.

REFERENCES

For more information about Transparent Data Encryption (TDE), visit the following Microsoft Developer Network (MSDN) website:
General information about TDE
For more information about the Incremental Servicing Model for SQL Server, click the following article number to view the article in the Microsoft Knowledge Base:
935897 An Incremental Servicing Model is available from the SQL Server team to deliver hotfixes for reported problems
For more information about the naming schema for SQL Server updates, click the following article number to view the article in the Microsoft Knowledge Base:
822499 New naming schema for Microsoft SQL Server software update packages
For more information about software update terminology, click the following article number to view the article in the Microsoft Knowledge Base:
824684 Description of the standard terminology that is used to describe Microsoft software updates

Properties

Article ID: 2300689 - Last Review: November 15, 2010 - Revision: 5.0
APPLIES TO
  • Microsoft SQL Server 2008 Enterprise
  • Microsoft SQL Server 2008 Developer
  • Microsoft SQL Server 2008 Standard
  • Microsoft SQL Server 2008 Standard Edition for Small Business
  • Microsoft SQL Server 2008 Workgroup
  • Microsoft SQL Server 2008 R2 Datacenter
  • Microsoft SQL Server 2008 R2 Developer
  • Microsoft SQL Server 2008 R2 Enterprise
  • Microsoft SQL Server 2008 R2 Standard
  • Microsoft SQL Server 2008 R2 Workgroup
Keywords: 
kbqfe kbfix kbsurveynew kbexpertiseadvanced KB2300689

Give Feedback

 

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com