locked
TDE and Clustering RRS feed

  • Question

  • Is there any issue with using TDE along with SQL Server clustering? In particular, if we encrypt a database in one of the SQL Server clusered nodes, do we also need to encrypt it in all other nodes? If so, I'd imagine that we would need to use the same key and encryption algorithm?
    Thursday, November 26, 2009 7:54 PM

Answers

  • I doubt you have to do anything special due to clustering. You only have one set of database files, after all. Clustering is done at the instance level, so whatever dependencies you have on the master database is included. Of course, you want to test thoroughly first!
    Tibor Karaszi, SQL Server MVP http://www.karaszi.com/sqlserver/default.asp http://sqlblog.com/blogs/tibor_karaszi
    Friday, November 27, 2009 8:14 AM

All replies

  • Yes you can encrypt the database in other nodes , but make sure you have similar master key , certificate , encryption algorithm and database encryption key .

    Passwords for both master key should be same.
    Passwords for both database encryption key should be same and algorithm as well.
    Certificates should have same name.


    Thanks, Leks
    Thursday, November 26, 2009 8:59 PM
  • I doubt you have to do anything special due to clustering. You only have one set of database files, after all. Clustering is done at the instance level, so whatever dependencies you have on the master database is included. Of course, you want to test thoroughly first!
    Tibor Karaszi, SQL Server MVP http://www.karaszi.com/sqlserver/default.asp http://sqlblog.com/blogs/tibor_karaszi
    Friday, November 27, 2009 8:14 AM