About encryption in Azure MI.

youngsik Ahn 81 Reputation points
2023-01-05T09:07:54.453+00:00

Hello,

I ran into an in-process problem with encrypted data between Azure MI and my MSSQL.

I created 'MASTER KEY', 'CERTIFICATE', 'SYMMETRIC KEY' in Azure MI.

276441-image.png

And I opened the 'SYMMETRIC KEY' and saved the encrypted data to the table.


OPEN SYMMETRIC KEY NI...MK DECRYPTION BY CERTIFICATE NI......ERT;


Encrypted data stored in table

276399-image.png

I created the same in MSSQL that I have.
MSSQL Version is 2016

And I copied the data encrypted in Azure MI to my MSSQL server as it is.

I decrypted the encrypted data in my MSSQL server.

276400-image.png

But data returns 'NULL' value.

I was able to decrypt normally when decryption was executed in Azure MI.
I created 'MASTER KEY', 'CERTIFICATE', and 'SYMMETRIC KEY' identically to Azure MI and my MSSQL Server.

Doesn't 'MASTER KEY', 'CERTIFICATE', 'SYMMETRIC KEY' work the same in Azure MI and plain MSSQL?

I would be grateful if you could help me.
Thanks

Azure Database Migration service
Azure SQL Database
0 comments No comments
{count} votes

Accepted answer
  1. GeethaThatipatri-MSFT 29,502 Reputation points Microsoft Employee
    2023-01-06T18:34:20.167+00:00

    Hi,@youngsik Ahn Thanks for posting your question in the Microsoft Q&A forum.

    There is an incompatibility between SQL Azure and SQL Server 2016. The CLE0001 TSG should explain it.
    The fix is to set an FS in Azure, recreate the symmetric key, and re-encrypt the data in a SQL 2016 compatible format.

    Hope this will help. Please let us know if any further queries.

    Regards
    Geetha


0 additional answers

Sort by: Most helpful

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.