Decrypting the database: Encryption error. The data was probably encrypted with the wrong public key.

Hi people,

I'm having trouble decrypting a database which was originally encrypted on another SQL server. The error message I get during the decryption is in the title. These are the steps I have taken so far:

  1. Encrypt DB on SQL Server 1
  2. Create Backup of DB on SQL Server 1
  3. Migrate DB to SQL Server 2
  4. Clean personnel data from DB per SQL on SQL Server 2
  5. Attempt to re-encrypt the DB on SQL Server 2 (because the JobServer was complaining about encryption)
  6. Get error message

We are attempting this because we want to make the current production environment into a development environment. Transport packages were not imported in the intended order due to emergency changes and human errors, so we'd like to correct discrepancies between our environments by turning our PROD to DEV. I have attempted this in the past by creating a transport package consisting of all customisations from PROD and importing this into a clean installed environment. This procedure took a considerable amount of time (with multiple attempts), so this time I thought "hey let's just clean PROD data" and here we are.

My questions are the following:

  • Is there still a way to decrypt the DB? Or is the public key created using a combination of SQL Server ID and DB ID?
  • Has anyone figured out a best practice for ridding an environment of personnel data?

Thank you in advance!

Ryu

  • Hi Ryu,
    Asymmetrical encryption is used.
    During step #1 a public key and a private key file are created. The public key is stored in the database for data encryption. The wizard instructs you to store the private key file somewhere safe. If it is lost, your encrypted data cannot be decrypted.
    There are two options here.
    Option 1) Use the private key file to decrypt the restored database prior to step #3 using CryptoConfig.exe. The jobqueue must be empty! (If not, there might remain processes that contain encrypted parameters.)
    Option 2) Skip step #5 and provide the private key file to the jobservices in the new environment.


    best regards,
    Andreas

  • Hi Andreas,

    thank you for your response.

    Option 1) Yes I think this was the easiest way forward 

    Option 2) I have provided the private key created in step #1 to the job services of the new environment. I got a similar error as below, which is what led me to attempt to decrypt the DB. Do you think I perhaps made a mistake in the job service configuration?

    [TimeStamp] Error occurred in ExecutionSlot (thread: Main Loop):
    [821053] Could not decode parameter 'ConnectionString'.
        [809014] Encryption error. The data was probably encrypted with the wrong public key.
        [System.Security.Cryptography.CryptographicException] The parameter is incorrect.
