Column Master Key Rotation Process(Always Encrypted)

In some cases, you may need to change the Column Master Key that was previously created for a table that you encrypt with Always Encrypted. In this article we will examine how to do this replacement.

I suggest you read my article “What is Always Encrypted in SQL Server” to get detailed information about Always Encrypted.

I assume you have a column master key named test name. First, we create a new column master key as follows to change this column master key.

On the next screen, we assign the column master key a name and determine where it will be stored and click ok. In our example, we named “masterkeyrotationornek”.

Then right click on the previous column master key(test) and click Rotate.

On the screen that appears, we select the new column master key named masterkeyrotationornek and we click ok.

Then, right click on the old master key as below and click on cleanup.

On the next screen, click ok as below to complete the process.

Finally, we delete our old master key.

dbtut
Author: dbtut

We are a team with over 10 years of database management and BI experience. Our Expertises: Oracle, SQL Server, PostgreSQL, MySQL, MongoDB, Elasticsearch, Kibana, Grafana.

Leave a Reply

Your email address will not be published. Required fields are marked *