Microsoft distributes Microsoft SQL Server 2008 and Microsoft SQL Server 2008 R2 fixes as one downloadable file. Because the fixes are cumulative, each new release contains all the hotfixes and all the security fixes that were included with the previous SQL Server 2008 or SQL Server 2008 R2 fix release.
Symptoms
Consider the following scenario:
-
You use transparent data encryption on a database in SQL Server 2008 or in Microsoft SQL Server 2008 R2.
-
You disable encryption for the database.
-
You back up the database immediately after you disable encryption.
-
You try to restore the database on another instance of SQL Server by using the backup.
In this scenario, the restore operation fails, and you receive an error message that resembles the following:
System.Data.SqlClient.SqlError: The file "<database name>_log" failed to initialize correctly. Examine the error logs for more details. (Microsoft.SqlServer.Smo)
However, the error log has no details.
If you remove the encryption key for the database before you back up the database, you receive the following error message when you try to restore the database:System.Data.SqlClient.SqlError: Cannot find server certificate with thumbprint '0xCB62FF76463A6BF86E8F769B541BA6483AFC2FF2'. (Microsoft.SqlServer.Smo)
Resolution
Cumulative update information
SQL Server 2008 Service Pack 1
The fix for this issue was first released in Cumulative Update 10 for SQL Server 2008 Service Pack 1. For more information about this cumulative update package, click the following article number to view the article in the Microsoft Knowledge Base:
2279604 Cumulative update package 10 for SQL Server 2008 Service Pack 1Note Because the builds are cumulative, each new fix release contains all the hotfixes and all the security fixes that were included with the previous SQL Server 2008 fix release. Microsoft recommends that you consider applying the most recent fix release that contains this hotfix. For more information, click the following article number to view the article in the Microsoft Knowledge Base:
970365 The SQL Server 2008 builds that were released after SQL Server 2008 Service Pack 1 was released Microsoft SQL Server 2008 hotfixes are created for specific SQL Server service packs. You must apply a SQL Server 2008 Service Pack 1 hotfix to an installation of SQL Server 2008 Service Pack 1. By default, any hotfix that is provided in a SQL Server service pack is included in the next SQL Server service pack.
SQL Server 2008 Service Pack 2
The fix for this issue was first released in Cumulative Update 1 for SQL Server 2008 Service Pack 2. For more information about this cumulative update package, click the following article number to view the article in the Microsoft Knowledge Base:
2289254 Cumulative update 1 for SQL Server 2008 Service Pack 2Note Because the builds are cumulative, each new fix release contains all the hotfixes and all the security fixes that were included with the previous SQL Server 2008 fix release. We recommend that you consider applying the most recent fix release that contains this hotfix. For more information, click the following article number to view the article in the Microsoft Knowledge Base:
2402659 The SQL Server 2008 builds that were released after SQL Server 2008 Service Pack 2 was released
SQL Server 2008 R2
The fix for this issue was first released in Cumulative Update 4. For more information about how to obtain this cumulative update package for SQL Server 2008 R2, click the following article number to view the article in the Microsoft Knowledge Base:
2345451 Cumulative Update package 4 for SQL Server 2008 R2 Note Because the builds are cumulative, each new fix release contains all the hotfixes and all the security fixes that were included with the previous SQL Server 2008 R2 fix release. We recommend that you consider applying the most recent fix release that contains this hotfix. For more information, click the following article number to view the article in the Microsoft Knowledge Base:
981356 The SQL Server 2008 R2 builds that were released after SQL Server 2008 R2 was released
Status
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.
Steps to reproduce the problem
-
Create a master key. The following is a sample of code that creates a master key:
use master
Create Master Key encryption by password = 'Password01!'; go -
Create or obtain a certificate protected by the master key. The following is a sample of code that creates a certificate protected by a master key:
create certificate cert_testDB_encryptDEK authorization dbo
with subject='Certificate to encrypt the DEK of testDB' -
Create a new database, create a database encryption key, and then protect the key by the certificate. The following is a sample of code that creates a new database, that creates a database encryption key, and then that protects the key by using a certificate:
create Database testDB
use testDB Create database encryption key with algorithm=AES_128 encryption by server certificate cert_testDB_encryptDEK -
Set the database to use encryption. The following is a sample of code that sets a database to use encryption:
Alter database testDB set encryption on
-
Disable encryption for the database. The following is a sample of code that disables encryption for a database:
Alter database testDB set encryption off
-
Back up the database, and then restore the backup on another version of SQL Server.
References
For more information about Transparent Data Encryption (TDE), visit the following Microsoft Developer Network (MSDN) website:
General information about TDEFor more information about the Incremental Servicing Model for SQL Server, click the following article number to view the article in the Microsoft Knowledge Base:
935897 An Incremental Servicing Model is available from the SQL Server team to deliver hotfixes for reported problems For more information about the naming schema for SQL Server updates, click the following article number to view the article in the Microsoft Knowledge Base:
822499New naming schema for Microsoft SQL Server software update packagesFor more information about software update terminology, click the following article number to view the article in the Microsoft Knowledge Base:
824684 Description of the standard terminology that is used to describe Microsoft software updates