fbpx

Knowledge Base

Search Knowledge Base

KB #240117: Upgrading SQL Version on an instance secured with Encryptionizer

Type:

Information

Summary:

You have an SQL instance that is secured with Encryptionizer for SQL. You wish to perform an in place upgrade to the next version, e.g.  SQL 2017 -> SQL 2019,. You will need to perform the following steps to successfully upgrade and have access to the encrypted data after this major SQL upgrade.

Additional Information:

When you upgrade your instance of SQL in place from one version to the next, the upgrade typically changes the directory structure of the instance by default. This directory change interferes with a security feature of Encryptionizer which does not allow the movement of a secured SQL instance.The instructions are slightly different if you had previously chosen to encrypt any of the system databases, such as Master. Note: Encrypted System databases may not be applicable in your case. System Databases are only encrypted by choice.

System Databases NOT Encrypted

  • Detach any encrypted databases from the instance to be upgraded. It is not necessary to decrypt them.
  • Stop the SQL Instance to be upgraded
  • Run the Administration Wizard from the Main Menu to disable Encryptionizer from the SQL instance (make sure that you know the encryption key profile information before disabling)
  • Perform your upgrade of SQL according to instructions from Microsoft. Your encrypted databases will not be accessible during the upgrade. They will remain at their original Compatibility Level but will function on the next SQL version. You can change to the higher Compatibility level later.
  • Run the Administration Wizard again to enable Encryptionizer once more – make sure to use the identical Key profile information as before.
  • Start SQL to confirm that you have access to your databases.
  • If you wish to upgrade your encrypted databases to the highest Compatibility Level for your version, e.g. Compatibility Level 150 for SQL 2019, you can now do this using instructions from Microsoft.

System Databases ARE Encrypted

  • Detach any encrypted databases from the instance to be upgraded. It is not necessary to decrypt them. The exception is system databases such as master (see below)
  • Stop the SQL Instance to be upgraded
  • Temporarily decrypt any System databases such as Master, if they are encrypted, using the Encrypt/Decrypt Wizard . If they remain encrypted, SQL will not be able to start up to perform the upgrade.
  • Run the Administration Wizard to disable Encryptionizer from the SQL instance (make sure that you know the encryption key profile information before disabling)
  • Perform your upgrade of SQL according to instructions from Microsoft. Your encrypted databases will not be accessible during the upgrade. They will remain at their original Compatibility Level but will function on the next SQL version. You can change to the higher Compatibility level later.
  • Run the Encrypt/Decrypt Wizard to encrypt your system databases, if so desired. Remember to use the same Encryption Key Profile is set in the Admin Wizard below.
  • Run the NetLib Administration Wizard to enable Encryptionizer once more – make sure to use the identical Key profile information as before.
  • Start SQL to confirm that you have access to your databases.
  • If you wish to upgrade your encrypted databases to the highest Compatibility Level for your version, e.g. Compatibility Level 150 for SQL 2019, you can now do this using instructions from Microsoft.

 

Last modified: 3/23/2024

Top