Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 610
  • Last Modified:

SQL Server 2008

Hi,

We have disabled TDE and dropped Certificates/Master for few servers then the backups have been executed successfully except one server due to below error.

“Cannot find server certificate with thumbprint '0x0CE1D924785C160413399D79FD3594E158129976'..

The issue is impacting backup failure for server and it is not impacting application/data retrivel.

Again After dropping certificate, we have reviewed the following steps successfully but the problem persists.

-- SELECT name, database_id, is_encrypted FROM sys.databases
This query will return all of the databases in your instance and reflect the encryption status. The value of "1" in the is_encrypted column indicates that TDE is enabled. A value of "0" indicates that TDE is not enabled.

--SELECT * FROM master.sys.certificates
This query will return the server certificates that have been created in the MASTER database. Upon execution of the DROP CERTIFICATE command the server certificate will no longer appear.

-- SELECT * FROM master.sys.symmetric_keys

This query will return the Database Master Keys (DMK) that have been created in the MASTER database. Upon execution of the DROP MASTER KEY command the DMK will no longer appear.
-- SELECT * FROM sys.dm_database_encryption_keys
This query will return all Database Encryption Keys (DEK) that have been created in your instance. Upon execution of the DROP DATABASE ENCRYPTION KEY command the DEK for the target database will no longer appear. If there are no other databases with TDE enabled on the instance, a restart of the instance will remove the DEK for the TEMPDB.

-- Query any table in the target database to show that data is successfully returned.

SQL Server version Details:

Microsoft SQL Server 2008 (SP1) - 10.0.2573.0 (X64)   Feb  4 2011 11:27:06   Copyright (c) 1988-2008 Microsoft Corporation  Enterprise Edition (64-bit) on Windows NT 6.0 <X64> (Build 6002: Service Pack 2)

Please help to resolve the issue.

Thanks,
Chandra
0
Chandra Mohan Kanithi
Asked:
Chandra Mohan Kanithi
  • 2
1 Solution
 
Kent DyerCommented:
Question - why did you pull the certificate in the first place?  Was it expired?  It sounds like your certificate store may need to be repaired.  However, I would be absolutely sure your cert in question is not expired or set to expire.
0
 
Chandra Mohan KanithiAuthor Commented:
Here the issue is we are unable to take backup of database after dropped the certificate and disabled the TDE.

Could you please solution for certification set to expire.
0
 
Chandra Mohan KanithiAuthor Commented:
No, the certificate was not expired. As part of decryption, we had to remove the certificate. After that, backup won't work anymore. When the system was restarted SAP won't come up until the certificate was recreated.

Please help us.

Thanks,
Chandra
0
 
Aaron ShiloCommented:
hi

The fix for this issue was first released in Cumulative Update 1 for SQL Server 2008 Service Pack 2. For more information about this cumulative update package, click the following article number to view the article in the Microsoft Knowledge Base:
2289254 Cumulative update 1 for SQL Server 2008 Service Pack 2
0

Featured Post

Veeam and MySQL: How to Perform Backup & Recovery

MySQL and the MariaDB variant are among the most used databases in Linux environments, and many critical applications support their data on them. Watch this recorded webinar to find out how Veeam Backup & Replication allows you to get consistent backups of MySQL databases.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now