SQL Server 中 Workflow Manager 工作空间的透明数据加密 (TDE)

USE master
GO
/* Verify master key */
SELECT * FROM sys.symmetric_keys WHERE name LIKE '%MS_DatabaseMasterKey%'
GO

/* if there are no records found, then it means there was no predefined Master Key. 
 To create a Master Key, you can execute the below mentioned TSQL code. */
 
/* Create master key */
CREATE MASTER KEY ENCRYPTION BY PASSWORD = 'wmx$$@admin';
GO
/* Backup master key */
OPEN MASTER KEY DECRYPTION BY PASSWORD = 'wmx$$@admin';
GO
BACKUP MASTER KEY TO FILE = 'D:\mssqlbackup\master\masterkey.mk' 
    ENCRYPTION BY PASSWORD = 'wmx$$@admin';
GO

/* Create Certificate */
CREATE CERTIFICATE wmx_cert WITH SUBJECT = 'WMX Server Certificate';
GO

/* Verify Certificate */
SELECT * FROM sys.certificates where [name] = 'wmx_cert'
GO

/* Backup certificate */
BACKUP CERTIFICATE wmx_cert TO FILE = 'D:\mssqlbackup\master\wmx.cer'
   WITH PRIVATE KEY (
         FILE = 'D:\mssqlbackup\master\wmx.pvk',
         ENCRYPTION BY PASSWORD = 'wmx$$@admin');
GO

--use wmx database
USE wmxdb
GO
/* Create Encryption key */
CREATE DATABASE ENCRYPTION KEY
   WITH ALGORITHM = AES_256
   ENCRYPTION BY SERVER CERTIFICATE wmx_cert;
GO

/* Encrypt database */
ALTER DATABASE wmxdb SET ENCRYPTION ON;
GO

/* Verify Encryption */
SELECT 
DB_NAME(database_id) AS DatabaseName
,Encryption_State AS EncryptionState
,key_algorithm AS Algorithm
,key_length AS KeyLength
FROM sys.dm_database_encryption_keys
GO
SELECT 
NAME AS DatabaseName
,IS_ENCRYPTED AS IsEncrypted 
FROM sys.databases where name ='wmxdb'
GO