Solved

SQL Server 2008

Posted on 2014-01-24
4
552 Views
Last Modified: 2014-02-09
Hi,

We have disabled TDE and dropped Certificates/Master for few servers then the backups have been executed successfully except one server due to below error.

“Cannot find server certificate with thumbprint '0x0CE1D924785C160413399D79FD3594E158129976'..

The issue is impacting backup failure for server and it is not impacting application/data retrivel.

Again After dropping certificate, we have reviewed the following steps successfully but the problem persists.

-- SELECT name, database_id, is_encrypted FROM sys.databases
This query will return all of the databases in your instance and reflect the encryption status. The value of "1" in the is_encrypted column indicates that TDE is enabled. A value of "0" indicates that TDE is not enabled.

--SELECT * FROM master.sys.certificates
This query will return the server certificates that have been created in the MASTER database. Upon execution of the DROP CERTIFICATE command the server certificate will no longer appear.

-- SELECT * FROM master.sys.symmetric_keys

This query will return the Database Master Keys (DMK) that have been created in the MASTER database. Upon execution of the DROP MASTER KEY command the DMK will no longer appear.
-- SELECT * FROM sys.dm_database_encryption_keys
This query will return all Database Encryption Keys (DEK) that have been created in your instance. Upon execution of the DROP DATABASE ENCRYPTION KEY command the DEK for the target database will no longer appear. If there are no other databases with TDE enabled on the instance, a restart of the instance will remove the DEK for the TEMPDB.

-- Query any table in the target database to show that data is successfully returned.

SQL Server version Details:

Microsoft SQL Server 2008 (SP1) - 10.0.2573.0 (X64)   Feb  4 2011 11:27:06   Copyright (c) 1988-2008 Microsoft Corporation  Enterprise Edition (64-bit) on Windows NT 6.0 <X64> (Build 6002: Service Pack 2)

Please help to resolve the issue.

Thanks,
Chandra
0
Comment
Question by:Chandra Mohan Kanithi
  • 2
4 Comments
 
LVL 17

Expert Comment

by:Kent Dyer
Comment Utility
Question - why did you pull the certificate in the first place?  Was it expired?  It sounds like your certificate store may need to be repaired.  However, I would be absolutely sure your cert in question is not expired or set to expire.
0
 

Author Comment

by:Chandra Mohan Kanithi
Comment Utility
Here the issue is we are unable to take backup of database after dropped the certificate and disabled the TDE.

Could you please solution for certification set to expire.
0
 

Author Comment

by:Chandra Mohan Kanithi
Comment Utility
No, the certificate was not expired. As part of decryption, we had to remove the certificate. After that, backup won't work anymore. When the system was restarted SAP won't come up until the certificate was recreated.

Please help us.

Thanks,
Chandra
0
 
LVL 15

Accepted Solution

by:
Aaron Shilo earned 500 total points
Comment Utility
hi

The fix for this issue was first released in Cumulative Update 1 for SQL Server 2008 Service Pack 2. For more information about this cumulative update package, click the following article number to view the article in the Microsoft Knowledge Base:
2289254 Cumulative update 1 for SQL Server 2008 Service Pack 2
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

In this article I will describe the Detach & Attach method as one possible migration process and I will add the extra tasks needed for an upgrade when and where is applied so it will cover all.
In this article I will describe the Backup & Restore method as one possible migration process and I will add the extra tasks needed for an upgrade when and where is applied so it will cover all.
This video shows, step by step, how to configure Oracle Heterogeneous Services via the Generic Gateway Agent in order to make a connection from an Oracle session and access a remote SQL Server database table.
Via a live example, show how to extract information from SQL Server on Database, Connection and Server properties

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

8 Experts available now in Live!

Get 1:1 Help Now