DROP CRYPTOGRAPHIC PROVIDER (Transact-SQL)
Applies to: SQL Server Azure SQL Managed Instance
Drops a cryptographic provider within SQL Server.
Transact-SQL syntax conventions
DROP CRYPTOGRAPHIC PROVIDER provider_name
provider_name
Is the name of the Extensible Key Management provider.
To delete an Extensible Key Management (EKM) provider, all sessions that use the provider must be stopped.
An EKM provider can only be dropped if there are no credentials mapped to it.
If there are keys mapped to an EKM provider when it is dropped the GUIDs for the keys remain stored in SQL Server. If a provider is created later with the same key GUIDs, the keys will be reused.
Requires CONTROL permission on the symmetric key.
The following example drops a cryptographic provider called SecurityProvider
.
/* First, disable provider to perform the upgrade.
This will terminate all open cryptographic sessions. */
ALTER CRYPTOGRAPHIC PROVIDER SecurityProvider
SET ENABLED = OFF;
GO
/* Drop the provider. */
DROP CRYPTOGRAPHIC PROVIDER SecurityProvider;
GO
Extensible Key Management (EKM)
CREATE CRYPTOGRAPHIC PROVIDER (Transact-SQL)
ALTER CRYPTOGRAPHIC PROVIDER (Transact-SQL)
CREATE SYMMETRIC KEY (Transact-SQL)