一、测试TDE
此部分内容扩展SQL Server安全系列的第九篇:SQL Server安全透明数据加密的测试TDE章节。启用TDE的详细步骤请参考原文。
-- Create a test database CREATE DATABASE UestDB GO -- Create a certificate in master to use with TDE USE master; GO -- TDE hooks into encryption key hierarchy in SQL Server CREATE MASTER KEY ENCRYPTION BY PASSWORD = '!drJP9QXC&Vi%cs'; GO -- Create the certificate used to protect the database encryption key CREATE CERTIFICATE UestDBTDECert WITH SUBJECT = 'Certificate to implement TDE on UestDB'; GO -- Backup the master_key BACKUP MASTER KEY TO FILE = 'D:\SQL2012\MasterKey.bak' ENCRYPTION BY PASSWORD = 'pass'; GO -- Backup the certificate -- Either create the D:\SQL2012 folder or change it in the code below BACKUP CERTIFICATE UestDBTDECert TO FILE = 'D:\SQL2012\UestDBTDECert' WITH PRIVATE KEY ( FILE = 'D:\SQL2012\UestDBTDECertPrivateKey' , ENCRYPTION BY PASSWORD = 'RISiS9Ul%CByEk6' ); GO -- Must backup private key as well