Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Upgrading SQL Express to SQL Enterprise = Error " The certificate cannot be dropped..."

Posted on 2008-06-20
4
Medium Priority
?
1,519 Views
Last Modified: 2008-09-02
Hi all,

I'm upgrading a server from SQL Express to SQL Enterprise 2005.  
I initiated the upgrade from command line using the SKUUPGRADE=1 switch and all was going well until it reached the database services module when an error appeared:

"SQL Server Setup has encountered the following problem: [Microsoft][SQL Native Client][SQL Server]The certificate cannot be dropped because one or more entities are either signed or encrypted using it.. To continue, correct the problem, and then run SQL Server Setup again."

Now if I go control panel>add remove apps> SQL server 2005>CHANGE  I have an option to "Complete the suspended installation" which, of course, merely recreates the same error...

I have googled the error message and I have not found much in the way of answers,...
These two links deal with the subject:
http://forums.microsoft.com/msdn/ShowPost.aspx?PostID=2150978&SiteID=1
http://blogs.microsoft.co.il/blogs/applisec/archive/2008/06/15/microsoft-sql-server-2005-database-encryption-step-by-step.aspx

I am aware I have the certificates installed and that I need to "drop" them,..  the question is how?

from T-SQL i ran the following:
SELECT * FROM sys.symmetric_keys
SELECT * FROM sys.certificates
and got this:

##MS_ServiceMasterKey##
(1 row(s) affected)

##MS_SQLResourceSigningCertificate##
##MS_SQLReplicationSigningCertificate##
##MS_SQLAuthenticatorCertificate##
##MS_AgentSigningCertificate##  
##MS_SchemaSigningCertificateB4948FB72D6F99455674FD9457408881BD720CEF##
(5 row(s) affected)

Can someone help me with what to do next?  I gather I need to drop the certificate(s)'' before the upgrade will complete,..

I tried a DROP CERTIFICATE ##MS_AgentSigningCertificate##  
and got: Msg 15559, Level 16, State 1, Line 1
Cannot drop certificate '##MS_AgentSigningCertificate##' because there is a login mapped to it.

Anyway, perhaps also I should mention the server details,..  Its a backup DC running Win2003R2 x32 - the two apps that integrate with SQL are: Symantec BEWS 11d and ScriptLogic Destop Authority - they both have databases originally installed in SQL express that I now

BTW --------------  IF I HIT 'RETRY' AFTER THE INITIAL ERROR MESSAGE THESE ERRORS THEN APPEAR:

"SQL Server Setup has encountered the following problem: [Microsoft][SQL Native Client]Shared Memory Provider: No process is on the other end of the pipe.
. To continue, correct the problem, and then run SQL Server Setup again."

"SQL Server Setup has encountered the following problem: [Microsoft][SQL Native Client]Communication link failure. To continue, correct the problem, and then run SQL Server Setup again."
-----------------

The server runs two apps that run databases in SQL, Symantec BEWS 11d & ScriptLogic desktop Authority, I would imagine one of them has created certificates etc,..

I just don't know where to look or how to affect these required changes so the upgrade can complete.  Any advise or help GREATLY appreciated!  
0
Comment
Question by:Will-Way
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
4 Comments
 
LVL 4

Expert Comment

by:zx10r
ID: 21833084
see if this helps for dropping encryption keys http://technet.microsoft.com/en-us/library/bb630256(SQL.100).aspx
0
 

Author Comment

by:Will-Way
ID: 21833301
OK,... I'll give that a go...
Just gonna back-up the server first ;) - about an hour or so..

I'll let you know what happens
0
 

Author Comment

by:Will-Way
ID: 21837000
Unfortunately I don't seem to be making any progress using the DROP DATABASE ENCRYPTION KEY approach.  I have 2 instances each with 4 databsaes and as far as I can tell they're not encrypted...

Not sure about all the SQL default databases (i.e. master etc..)  - most won't let me perform the operation on...

Tried the upgrade again and same result....

I get the feeling it must be a certificate based thing... I just have no clue how to manipulate these items properly.  Perhaps its either the BEWS install or the Desktop Authority install thats at the root ...? They both created 2 databases each and have logins & services...

My main concern is that while 90% of the upgrade succeeded I still have 2 instances of databases that are in "suspension" and will not allow for SQL SP2 install.... so its all a bit precarious.

Is there any more data I can provide that will help?
0
 

Accepted Solution

by:
Will-Way earned 0 total points
ID: 21846909
Ahhhh, finally,.. the fix.

An undocumenetd T-SQL command:

DROP BUGGERED BITS



:)

Just kidding....  After 10 days of looking for resolution I spent 2 hours uninstalling and reinstalling apps & SQL Server...
Lesson learned: If you use certs/encryption in SQL Express and are thinking upgrade...  DO NOT!  Uninstall SQL Express and install SQL Server from scratch.... much easier.

Case closed
0

Featured Post

Important Lessons on Recovering from Petya

In their most recent webinar, Skyport Systems explores ways to isolate and protect critical databases to keep the core of your company safe from harm.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article I will describe the Copy Database Wizard method as one possible migration process and I will add the extra tasks needed for an upgrade when and where is applied so it will cover all.
This article explains how to reset the password of the sa account on a Microsoft SQL Server.  The steps in this article work in SQL 2005, 2008, 2008 R2, 2012, 2014 and 2016.
In this video, Percona Solution Engineer Rick Golba discuss how (and why) you implement high availability in a database environment. To discuss how Percona Consulting can help with your design and architecture needs for your database and infrastr…
Want to learn how to record your desktop screen without having to use an outside camera. Click on this video and learn how to use the cool google extension called "Screencastify"! Step 1: Open a new google tab Step 2: Go to the left hand upper corn…

704 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question