FIX: Encryption scan task triggered upon the startup of a database may be canceled in SQL Server 2016

Applies to: SQL Server 2016 DeveloperSQL Server 2016 EnterpriseSQL Server 2016 Enterprise Core


Assume that you have enabled Transparent Data Encryption (TDE) in a database in Microsoft SQL Server 2016. You restart the SQL Server service for the instance hosting the database before the initial TDE encryption scan is completed, and then you notice the resumed encryption scan may be canceled and will not progress unless you manually start the service by running the following statement:


The encryption scantask cancellation occurs because it can't run normally until the startup process of the database is completed. However, the encryption scan task waits for the startup process for only twoseconds. Accordingly, if the time-out is exceeded, the encryption task will be silentlycanceled. 
Note This fix increases the time-out to 20 seconds.  You can use the percent_complete of the sys.dm_database_encryption_keys to monitor whether the encryption task is making any progress.


Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section. 


This issue is fixed in the following cumulative update for SQL Server:
About cumulative updates for SQL Server:
Each new cumulative update for SQL Server contains all the hotfixes and all the security fixes that were included with the previous cumulative update. Check out the latest cumulative updates for SQL Server:


Learn about the terminology that Microsoft uses to describe software updates.