SQL SCCM 数据库服务器通过证书解密
SQL SCCM database Server decrypt by certificate
我根据 this 指南
创建了证书和数据库主密钥
SELECT name FROM sys.symmetric_keys
##MS_DatabaseMasterKey##
SELECT name from sys.certificates WHERE name = 'BitLockerManagement_CERT'
BitLockerManagement_CERT
现在,我需要从数据库中解密 RecoveryKey dbo.RecoveryAndHardwareCore_Keys
OPEN SYMMETRIC KEY ##MS_DatabaseMasterKey##
DECRYPTION BY CERTIFICATE BitLockerManagement_CERT WITH PASSWORD = 'pass'
出现错误:
Global temporary keys are not allowed. You can only use local temporary keys.
更新:
OPEN MASTER KEY
DECRYPTION BY PASSWORD = 'pass'
select RecoveryKey as 'encrypted', convert(nvarchar, decryptbykey(recoverykey)) from dbo.RecoveryAndHardwareCore_Keys
returns 空
已解决,无需证书解密,也无需打开主密钥:
SELECT RecoveryAndHardwareCore.DecryptString(RecoveryAndHardwareCore_Keys.RecoveryKey, DEFAULT) AS RecoveryKey FROM RecoveryAndHardwareCore_Keys
我根据 this 指南
创建了证书和数据库主密钥SELECT name FROM sys.symmetric_keys
##MS_DatabaseMasterKey##
SELECT name from sys.certificates WHERE name = 'BitLockerManagement_CERT'
BitLockerManagement_CERT
现在,我需要从数据库中解密 RecoveryKey dbo.RecoveryAndHardwareCore_Keys
OPEN SYMMETRIC KEY ##MS_DatabaseMasterKey##
DECRYPTION BY CERTIFICATE BitLockerManagement_CERT WITH PASSWORD = 'pass'
出现错误:
Global temporary keys are not allowed. You can only use local temporary keys.
更新:
OPEN MASTER KEY
DECRYPTION BY PASSWORD = 'pass'
select RecoveryKey as 'encrypted', convert(nvarchar, decryptbykey(recoverykey)) from dbo.RecoveryAndHardwareCore_Keys
returns 空
已解决,无需证书解密,也无需打开主密钥:
SELECT RecoveryAndHardwareCore.DecryptString(RecoveryAndHardwareCore_Keys.RecoveryKey, DEFAULT) AS RecoveryKey FROM RecoveryAndHardwareCore_Keys