Sql server 2008 r2 SQL Server数据库主密钥_Sql Server 2008 R2

Sql server 2008 r2 SQL Server数据库主密钥

sql-server-2008-r2

Sql server 2008 r2 SQL Server数据库主密钥,sql-server-2008-r2,Sql Server 2008 R2,我运行以下脚本为我创建的一个数据库创建主密钥，但在节点中看不到它们的密钥（请参见快照）；有人知道为什么吗？我期待着您的回复，谢谢 USE AdventureWorks GO CREATE MASTER KEY ENCRYPTION BY PASSWORD = '23987hxJ#KL95234nl0zBe' GO 您无法在SSMS GUI中看到此信息，但如果运行以下操作，您可以看到数据库是否具有主密钥： SELECT d.is_master_key_encrypted_by_server F

我运行以下脚本为我创建的一个数据库创建主密钥，但在节点中看不到它们的密钥（请参见快照）；有人知道为什么吗？我期待着您的回复，谢谢

USE AdventureWorks
GO

CREATE MASTER KEY ENCRYPTION BY PASSWORD = '23987hxJ#KL95234nl0zBe'
GO

您无法在SSMS GUI中看到此信息，但如果运行以下操作，您可以看到数据库是否具有主密钥：

SELECT d.is_master_key_encrypted_by_server
FROM sys.databases AS d
WHERE d.name = 'AdventureWorks';

这里有两种测试DMK存在性的方法

请注意，sys.databases中的[is_master_key_encrypted_by_server]列可以显示0，但DMK存在并且已从SMK加密中删除

我希望这有帮助

======================

-- Test for existence of a DMK. If it does not exist, then create it.

-- Method 1:
IF (SELECT COUNT(*) FROM sys.symmetric_keys WHERE name LIKE '%DatabaseMasterKey%') = 0
BEGIN
    CREATE MASTER KEY ENCRYPTION BY PASSWORD = 'ljlLKJjs$2@l23je'
END

-- Method 2: 
IF NOT EXISTS (SELECT * FROM sys.symmetric_keys WHERE name LIKE '%DatabaseMasterKey%')
BEGIN
    SELECT 'DMK does not exist'
    CREATE MASTER KEY ENCRYPTION BY PASSWORD = 'ljlLKJjs$2@l23je'
END
ELSE
BEGIN
    SELECT 'DMK exists'
END



-- Demo showing that is_master_key_encrypted_by_server in sys.databases does not show whether the DMK exists or not.
DROP MASTER KEY
GO

CREATE MASTER KEY ENCRYPTION BY PASSWORD = 'ljlLKJjs$2@l23je'
GO

SELECT is_master_key_encrypted_by_server, name
FROM sys.databases
WHERE name = 'GalaxianTest1'
--> is_master_key_encrypted_by_server   name
--> 1   GalaxianTest1

USE GalaxianTest1
GO 

-- This command causes the DMK to not be encrypted by the SMK. 
ALTER MASTER KEY DROP ENCRYPTION BY SERVICE MASTER KEY

-- This command now shows 0, although the DMK still exists. 
SELECT is_master_key_encrypted_by_server, name
FROM sys.databases
WHERE name = 'GalaxianTest1'
--> is_master_key_encrypted_by_server   name
--> 0   GalaxianTest1

-- Try creating a new DMK. This will error because the DMK still exists. 
CREATE MASTER KEY ENCRYPTION BY PASSWORD = 'ljlLKJjs$2@l23je'
GO
--> Error: There is already a master key in the database. Please drop it before performing this statement.

DROP MASTER KEY
GO
--> Command(s) completed successfully.

SELECT is_master_key_encrypted_by_server, name
FROM sys.databases
WHERE name = 'GalaxianTest1'
--> is_master_key_encrypted_by_server   name
--> 0   GalaxianTest1
-- Note: this is the same message as above when the DMK existed, but had been dropped from encryption by service master key.