Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Upgrading SQL Express to SQL Enterprise = Error " The certificate cannot be dropped..."

Posted on 2008-06-20
4
Medium Priority
?
1,535 Views
Last Modified: 2008-09-02
Hi all,

I'm upgrading a server from SQL Express to SQL Enterprise 2005.  
I initiated the upgrade from command line using the SKUUPGRADE=1 switch and all was going well until it reached the database services module when an error appeared:

"SQL Server Setup has encountered the following problem: [Microsoft][SQL Native Client][SQL Server]The certificate cannot be dropped because one or more entities are either signed or encrypted using it.. To continue, correct the problem, and then run SQL Server Setup again."

Now if I go control panel>add remove apps> SQL server 2005>CHANGE  I have an option to "Complete the suspended installation" which, of course, merely recreates the same error...

I have googled the error message and I have not found much in the way of answers,...
These two links deal with the subject:
http://forums.microsoft.com/msdn/ShowPost.aspx?PostID=2150978&SiteID=1
http://blogs.microsoft.co.il/blogs/applisec/archive/2008/06/15/microsoft-sql-server-2005-database-encryption-step-by-step.aspx

I am aware I have the certificates installed and that I need to "drop" them,..  the question is how?

from T-SQL i ran the following:
SELECT * FROM sys.symmetric_keys
SELECT * FROM sys.certificates
and got this:

##MS_ServiceMasterKey##
(1 row(s) affected)

##MS_SQLResourceSigningCertificate##
##MS_SQLReplicationSigningCertificate##
##MS_SQLAuthenticatorCertificate##
##MS_AgentSigningCertificate##  
##MS_SchemaSigningCertificateB4948FB72D6F99455674FD9457408881BD720CEF##
(5 row(s) affected)

Can someone help me with what to do next?  I gather I need to drop the certificate(s)'' before the upgrade will complete,..

I tried a DROP CERTIFICATE ##MS_AgentSigningCertificate##  
and got: Msg 15559, Level 16, State 1, Line 1
Cannot drop certificate '##MS_AgentSigningCertificate##' because there is a login mapped to it.

Anyway, perhaps also I should mention the server details,..  Its a backup DC running Win2003R2 x32 - the two apps that integrate with SQL are: Symantec BEWS 11d and ScriptLogic Destop Authority - they both have databases originally installed in SQL express that I now

BTW --------------  IF I HIT 'RETRY' AFTER THE INITIAL ERROR MESSAGE THESE ERRORS THEN APPEAR:

"SQL Server Setup has encountered the following problem: [Microsoft][SQL Native Client]Shared Memory Provider: No process is on the other end of the pipe.
. To continue, correct the problem, and then run SQL Server Setup again."

"SQL Server Setup has encountered the following problem: [Microsoft][SQL Native Client]Communication link failure. To continue, correct the problem, and then run SQL Server Setup again."
-----------------

The server runs two apps that run databases in SQL, Symantec BEWS 11d & ScriptLogic desktop Authority, I would imagine one of them has created certificates etc,..

I just don't know where to look or how to affect these required changes so the upgrade can complete.  Any advise or help GREATLY appreciated!  
0
Comment
Question by:Will-Way
  • 3
4 Comments
 
LVL 4

Expert Comment

by:zx10r
ID: 21833084
see if this helps for dropping encryption keys http://technet.microsoft.com/en-us/library/bb630256(SQL.100).aspx
0
 

Author Comment

by:Will-Way
ID: 21833301
OK,... I'll give that a go...
Just gonna back-up the server first ;) - about an hour or so..

I'll let you know what happens
0
 

Author Comment

by:Will-Way
ID: 21837000
Unfortunately I don't seem to be making any progress using the DROP DATABASE ENCRYPTION KEY approach.  I have 2 instances each with 4 databsaes and as far as I can tell they're not encrypted...

Not sure about all the SQL default databases (i.e. master etc..)  - most won't let me perform the operation on...

Tried the upgrade again and same result....

I get the feeling it must be a certificate based thing... I just have no clue how to manipulate these items properly.  Perhaps its either the BEWS install or the Desktop Authority install thats at the root ...? They both created 2 databases each and have logins & services...

My main concern is that while 90% of the upgrade succeeded I still have 2 instances of databases that are in "suspension" and will not allow for SQL SP2 install.... so its all a bit precarious.

Is there any more data I can provide that will help?
0
 

Accepted Solution

by:
Will-Way earned 0 total points
ID: 21846909
Ahhhh, finally,.. the fix.

An undocumenetd T-SQL command:

DROP BUGGERED BITS



:)

Just kidding....  After 10 days of looking for resolution I spent 2 hours uninstalling and reinstalling apps & SQL Server...
Lesson learned: If you use certs/encryption in SQL Express and are thinking upgrade...  DO NOT!  Uninstall SQL Express and install SQL Server from scratch.... much easier.

Case closed
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There are some very powerful Dynamic Management Views (DMV's) introduced with SQL 2005. The two in particular that we are going to discuss are sys.dm_db_index_usage_stats and sys.dm_db_index_operational_stats.   Recently, I was involved in a di…
I am showing a way to read/import the excel data in table using SQL server 2005... Suppose there is an Excel file "Book1" at location "C:\temp" with column "First Name" and "Last Name". Now to import this Excel data into the table, we will use…
Integration Management Part 2
Are you ready to place your question in front of subject-matter experts for more timely responses? With the release of Priority Question, Premium Members, Team Accounts and Qualified Experts can now identify the emergent level of their issue, signal…

916 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question