Solved

Upgrading SQL Express to SQL Enterprise = Error " The certificate cannot be dropped..."

Posted on 2008-06-20
4
1,486 Views
Last Modified: 2008-09-02
Hi all,

I'm upgrading a server from SQL Express to SQL Enterprise 2005.  
I initiated the upgrade from command line using the SKUUPGRADE=1 switch and all was going well until it reached the database services module when an error appeared:

"SQL Server Setup has encountered the following problem: [Microsoft][SQL Native Client][SQL Server]The certificate cannot be dropped because one or more entities are either signed or encrypted using it.. To continue, correct the problem, and then run SQL Server Setup again."

Now if I go control panel>add remove apps> SQL server 2005>CHANGE  I have an option to "Complete the suspended installation" which, of course, merely recreates the same error...

I have googled the error message and I have not found much in the way of answers,...
These two links deal with the subject:
http://forums.microsoft.com/msdn/ShowPost.aspx?PostID=2150978&SiteID=1
http://blogs.microsoft.co.il/blogs/applisec/archive/2008/06/15/microsoft-sql-server-2005-database-encryption-step-by-step.aspx

I am aware I have the certificates installed and that I need to "drop" them,..  the question is how?

from T-SQL i ran the following:
SELECT * FROM sys.symmetric_keys
SELECT * FROM sys.certificates
and got this:

##MS_ServiceMasterKey##
(1 row(s) affected)

##MS_SQLResourceSigningCertificate##
##MS_SQLReplicationSigningCertificate##
##MS_SQLAuthenticatorCertificate##
##MS_AgentSigningCertificate##  
##MS_SchemaSigningCertificateB4948FB72D6F99455674FD9457408881BD720CEF##
(5 row(s) affected)

Can someone help me with what to do next?  I gather I need to drop the certificate(s)'' before the upgrade will complete,..

I tried a DROP CERTIFICATE ##MS_AgentSigningCertificate##  
and got: Msg 15559, Level 16, State 1, Line 1
Cannot drop certificate '##MS_AgentSigningCertificate##' because there is a login mapped to it.

Anyway, perhaps also I should mention the server details,..  Its a backup DC running Win2003R2 x32 - the two apps that integrate with SQL are: Symantec BEWS 11d and ScriptLogic Destop Authority - they both have databases originally installed in SQL express that I now

BTW --------------  IF I HIT 'RETRY' AFTER THE INITIAL ERROR MESSAGE THESE ERRORS THEN APPEAR:

"SQL Server Setup has encountered the following problem: [Microsoft][SQL Native Client]Shared Memory Provider: No process is on the other end of the pipe.
. To continue, correct the problem, and then run SQL Server Setup again."

"SQL Server Setup has encountered the following problem: [Microsoft][SQL Native Client]Communication link failure. To continue, correct the problem, and then run SQL Server Setup again."
-----------------

The server runs two apps that run databases in SQL, Symantec BEWS 11d & ScriptLogic desktop Authority, I would imagine one of them has created certificates etc,..

I just don't know where to look or how to affect these required changes so the upgrade can complete.  Any advise or help GREATLY appreciated!  
0
Comment
Question by:Will-Way
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
4 Comments
 
LVL 4

Expert Comment

by:zx10r
ID: 21833084
see if this helps for dropping encryption keys http://technet.microsoft.com/en-us/library/bb630256(SQL.100).aspx
0
 

Author Comment

by:Will-Way
ID: 21833301
OK,... I'll give that a go...
Just gonna back-up the server first ;) - about an hour or so..

I'll let you know what happens
0
 

Author Comment

by:Will-Way
ID: 21837000
Unfortunately I don't seem to be making any progress using the DROP DATABASE ENCRYPTION KEY approach.  I have 2 instances each with 4 databsaes and as far as I can tell they're not encrypted...

Not sure about all the SQL default databases (i.e. master etc..)  - most won't let me perform the operation on...

Tried the upgrade again and same result....

I get the feeling it must be a certificate based thing... I just have no clue how to manipulate these items properly.  Perhaps its either the BEWS install or the Desktop Authority install thats at the root ...? They both created 2 databases each and have logins & services...

My main concern is that while 90% of the upgrade succeeded I still have 2 instances of databases that are in "suspension" and will not allow for SQL SP2 install.... so its all a bit precarious.

Is there any more data I can provide that will help?
0
 

Accepted Solution

by:
Will-Way earned 0 total points
ID: 21846909
Ahhhh, finally,.. the fix.

An undocumenetd T-SQL command:

DROP BUGGERED BITS



:)

Just kidding....  After 10 days of looking for resolution I spent 2 hours uninstalling and reinstalling apps & SQL Server...
Lesson learned: If you use certs/encryption in SQL Express and are thinking upgrade...  DO NOT!  Uninstall SQL Express and install SQL Server from scratch.... much easier.

Case closed
0

Featured Post

Creating Instructional Tutorials  

For Any Use & On Any Platform

Contextual Guidance at the moment of need helps your employees/users adopt software o& achieve even the most complex tasks instantly. Boost knowledge retention, software adoption & employee engagement with easy solution.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

So every once in a while at work I am asked to export data from one table and insert it into another on a different server.  I hate doing this.  There's so many different tables and data types.  Some column data needs quoted and some doesn't.  What …
In this article I will describe the Backup & Restore method as one possible migration process and I will add the extra tasks needed for an upgrade when and where is applied so it will cover all.
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question