Error creating database encryption key

Daniel P. K 1 Reputation point
2022-11-05T22:44:12.593+00:00

Hello,

I successfully created an asymmetric key with the Azure Key Vault connector as the provider, but I am failing to create the database encryption key. The VM is on-prem.
I would appreciate your assistance, as I need to implement this in prod soon.
Thank you.

Script running:

USE MyDB
GO
CREATE DATABASE ENCRYPTION KEY
WITH ALGORITHM = AES_256
ENCRYPTION BY SERVER ASYMMETRIC KEY [Myasymetrickey];
GO

error:

Msg 15209, Level 16, State 24, Line 91
An error occurred during encryption.

Error in EventViewer:

Message: Failed to get key info from Azure key vault for thumbprint verification before encrypting.


2 answers

  1. JimmySalian-2011 42,071 Reputation points
    2022-11-06T15:46:16.547+00:00

    Hi

    Did you follow this article to implement TDE encryption: transparent-data-encryption-byok-overview? Follow the detailed steps listed in the article for encrypting the DB with Azure Key Vault.

    Hope this helps.
    JS

    ==
    Please Accept the answer if the information helped you. This will help us and others in the community as well.


  2. Vamsi krishna 0 Reputation points
    2024-06-19T13:01:21.31+00:00

    The answer is that wrap and unwrap key access should be given to the SPN in the AKV.

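A check for the permission gap this thread arrives at, added here as an example and not taken from either answer or from Microsoft's code: it reads the JSON printed by `az keyvault show` and reports which key permissions the service principal's access policy lacks. The sample vault JSON and object ID are constructed; `wrapKey` and `unwrapKey` come from the second answer, and requiring `get` is an assumption based on the "Failed to get key info" event-log message.

```python
import json

# wrapKey/unwrapKey are from the answer above; "get" is an assumption taken from
# the "Failed to get key info" event-log message.
REQUIRED = ("get", "wrapKey", "unwrapKey")

# Constructed sample of `az keyvault show --name <vault> -o json` (trimmed).
SPN_OBJECT_ID = "11111111-2222-3333-4444-555555555555"  # constructed
SAMPLE_VAULT = json.dumps({
    "name": "example-vault",
    "properties": {
        "enableRbacAuthorization": False,
        "accessPolicies": [
            {"objectId": SPN_OBJECT_ID,
             "permissions": {"keys": ["get", "list"], "secrets": []}},
        ],
    },
})


def missing_key_permissions(vault_json, object_id, required=REQUIRED):
    """Return the required key permissions the principal's access policy lacks."""
    props = json.loads(vault_json).get("properties") or {}
    if props.get("enableRbacAuthorization"):
        # Access policies are not evaluated on RBAC vaults; an empty result
        # here would be misleading, so refuse instead.
        raise ValueError("vault uses Azure RBAC; review role assignments instead")
    granted = set()
    for policy in props.get("accessPolicies") or []:
        if (policy.get("objectId") or "").lower() != object_id.lower():
            continue
        keys = (policy.get("permissions") or {}).get("keys") or []
        granted.update(p.lower() for p in keys)
    if "all" in granted:
        return []
    return sorted(p for p in required if p.lower() not in granted)


if __name__ == "__main__":
    gaps = missing_key_permissions(SAMPLE_VAULT, SPN_OBJECT_ID)
    print("missing key permissions:", ", ".join(gaps) or "none")
```

Pass the object ID of the service principal that the SQL Server credential authenticates as; a vault that uses Azure RBAC raises an error because its access policies are not consulted.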