TDE in a SQL Cluster
https://dba.stackexchange.com/questions/47613
-
01-11-2019 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
I'm researchig into databnase encryption and whilst TDE seems to do exactly what it says on the tin, there seems to be no information on how to configure it up in a Microsoft failover SQL Cluster, or if there are any caveats about encryption in a cluster environment (beyond those that are listed on MSDN).
Trying to distill the information I have (mostly from here and here but from other random googles), I think the answer is that I have to do nothing and it just works. The master key and certificate are in the master database and the DMK is in the user database, so in a failover situation, everything exists in the MDF files for the failover node to run with (rather than any keys lurking in the registry which would need to be sync'd twixt nodes).
The problem is there's nothing that explicitly states this (or I've completely failed to read the sentance that says it), so I'm just seeking clarification that I'm not missing something obvious, that nothing special needs to be configured and it does "just work".
No correct solution
