{"id":2906,"date":"2022-03-08T16:37:42","date_gmt":"2022-03-08T09:37:42","guid":{"rendered":"https:\/\/www.sqlservertutorial.net\/?page_id=2906"},"modified":"2025-09-16T14:01:18","modified_gmt":"2025-09-16T07:01:18","slug":"sql-server-tde","status":"publish","type":"page","link":"https:\/\/www.sqlservertutorial.net\/sql-server-administration\/sql-server-tde\/","title":{"rendered":"SQL Server TDE"},"content":{"rendered":"\n<p>TDE stands for Transparent data encryption. TDE allows you to\u00a0encrypt SQL Server data files. This encryption is called encrypting data at rest.<\/p>\n\n\n\n<p>In this tutorial, we&#8217;ll create a sample database, encrypt it using TDE, and restore the database to another server.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id='create-a-test-database'>Create a test database <a href=\"#create-a-test-database\" class=\"anchor\" id=\"create-a-test-database\" title=\"Anchor for Create a test database\">#<\/a><\/h2>\n\n\n\n<p>First, create a test database called <code>test_db<\/code>:<\/p>\n\n\n<pre class=\"wp-block-code\" aria-describedby=\"shcb-language-1\" data-shcb-language-name=\"SQL (Structured Query Language)\" data-shcb-language-slug=\"sql\"><span><code class=\"hljs language-sql\"><span class=\"hljs-keyword\">create<\/span> <span class=\"hljs-keyword\">database<\/span> test_db;<\/code><\/span><small class=\"shcb-language\" id=\"shcb-language-1\"><span class=\"shcb-language__label\">Code language:<\/span> <span class=\"shcb-language__name\">SQL (Structured Query Language)<\/span> <span class=\"shcb-language__paren\">(<\/span><span class=\"shcb-language__slug\">sql<\/span><span class=\"shcb-language__paren\">)<\/span><\/small><\/pre>\n\n\n<p>Next, switch to the <code>test_db<\/code>:<\/p>\n\n\n<pre class=\"wp-block-code\" aria-describedby=\"shcb-language-2\" data-shcb-language-name=\"SQL (Structured Query Language)\" data-shcb-language-slug=\"sql\"><span><code class=\"hljs language-sql\"><span class=\"hljs-keyword\">use<\/span> test_db;<\/code><\/span><small class=\"shcb-language\" id=\"shcb-language-2\"><span class=\"shcb-language__label\">Code language:<\/span> <span class=\"shcb-language__name\">SQL (Structured Query Language)<\/span> <span class=\"shcb-language__paren\">(<\/span><span class=\"shcb-language__slug\">sql<\/span><span class=\"shcb-language__paren\">)<\/span><\/small><\/pre>\n\n\n<p>Then, create the <code>customers<\/code> table:<\/p>\n\n\n<pre class=\"wp-block-code\" aria-describedby=\"shcb-language-3\" data-shcb-language-name=\"SQL (Structured Query Language)\" data-shcb-language-slug=\"sql\"><span><code class=\"hljs language-sql\"><span class=\"hljs-keyword\">create<\/span> <span class=\"hljs-keyword\">table<\/span> customers(\n\t<span class=\"hljs-keyword\">id<\/span> <span class=\"hljs-built_in\">int<\/span> <span class=\"hljs-keyword\">identity<\/span> primary <span class=\"hljs-keyword\">key<\/span>,\n\t<span class=\"hljs-keyword\">name<\/span> <span class=\"hljs-built_in\">varchar<\/span>(<span class=\"hljs-number\">200<\/span>) <span class=\"hljs-keyword\">not<\/span> <span class=\"hljs-literal\">null<\/span>,\n\temail <span class=\"hljs-built_in\">varchar<\/span>(<span class=\"hljs-number\">200<\/span>) <span class=\"hljs-keyword\">not<\/span> <span class=\"hljs-literal\">null<\/span>\n);<\/code><\/span><small class=\"shcb-language\" id=\"shcb-language-3\"><span class=\"shcb-language__label\">Code language:<\/span> <span class=\"shcb-language__name\">SQL (Structured Query Language)<\/span> <span class=\"shcb-language__paren\">(<\/span><span class=\"shcb-language__slug\">sql<\/span><span class=\"shcb-language__paren\">)<\/span><\/small><\/pre>\n\n\n<p>After that, insert some rows into the <code>customers<\/code> table:<\/p>\n\n\n<pre class=\"wp-block-code\" aria-describedby=\"shcb-language-4\" data-shcb-language-name=\"SQL (Structured Query Language)\" data-shcb-language-slug=\"sql\"><span><code class=\"hljs language-sql\"><span class=\"hljs-keyword\">insert<\/span> <span class=\"hljs-keyword\">into<\/span> customers(<span class=\"hljs-keyword\">name<\/span>, email)\n<span class=\"hljs-keyword\">values<\/span>(<span class=\"hljs-string\">'John Doe'<\/span>,<span class=\"hljs-string\">'john.doe@gmail.com'<\/span>),\n      (<span class=\"hljs-string\">'Jane Doe'<\/span>,<span class=\"hljs-string\">'jane.doe@gmail.com'<\/span>);<\/code><\/span><small class=\"shcb-language\" id=\"shcb-language-4\"><span class=\"shcb-language__label\">Code language:<\/span> <span class=\"shcb-language__name\">SQL (Structured Query Language)<\/span> <span class=\"shcb-language__paren\">(<\/span><span class=\"shcb-language__slug\">sql<\/span><span class=\"shcb-language__paren\">)<\/span><\/small><\/pre>\n\n\n<p>Finally, select the data from the <code>customers<\/code> table:<\/p>\n\n\n<pre class=\"wp-block-code\" aria-describedby=\"shcb-language-5\" data-shcb-language-name=\"SQL (Structured Query Language)\" data-shcb-language-slug=\"sql\"><span><code class=\"hljs language-sql\"><span class=\"hljs-keyword\">select<\/span> * <span class=\"hljs-keyword\">from<\/span> customers;<\/code><\/span><small class=\"shcb-language\" id=\"shcb-language-5\"><span class=\"shcb-language__label\">Code language:<\/span> <span class=\"shcb-language__name\">SQL (Structured Query Language)<\/span> <span class=\"shcb-language__paren\">(<\/span><span class=\"shcb-language__slug\">sql<\/span><span class=\"shcb-language__paren\">)<\/span><\/small><\/pre>\n\n\n<h2 class=\"wp-block-heading\" id='encrypt-the-database'>Encrypt the database <a href=\"#encrypt-the-database\" class=\"anchor\" id=\"encrypt-the-database\" title=\"Anchor for Encrypt the database\">#<\/a><\/h2>\n\n\n\n<p>First, switch to the master database:<\/p>\n\n\n<pre class=\"wp-block-code\" aria-describedby=\"shcb-language-6\" data-shcb-language-name=\"SQL (Structured Query Language)\" data-shcb-language-slug=\"sql\"><span><code class=\"hljs language-sql\"><span class=\"hljs-keyword\">USE<\/span> <span class=\"hljs-keyword\">master<\/span>;<\/code><\/span><small class=\"shcb-language\" id=\"shcb-language-6\"><span class=\"shcb-language__label\">Code language:<\/span> <span class=\"shcb-language__name\">SQL (Structured Query Language)<\/span> <span class=\"shcb-language__paren\">(<\/span><span class=\"shcb-language__slug\">sql<\/span><span class=\"shcb-language__paren\">)<\/span><\/small><\/pre>\n\n\n<p>Second, create a master key:<\/p>\n\n\n<pre class=\"wp-block-code\" aria-describedby=\"shcb-language-7\" data-shcb-language-name=\"SQL (Structured Query Language)\" data-shcb-language-slug=\"sql\"><span><code class=\"hljs language-sql\"><span class=\"hljs-keyword\">CREATE<\/span> <span class=\"hljs-keyword\">MASTER<\/span> <span class=\"hljs-keyword\">KEY<\/span> ENCRYPTION\n<span class=\"hljs-keyword\">BY<\/span> <span class=\"hljs-keyword\">PASSWORD<\/span>=<span class=\"hljs-string\">'kKyDQouFJKLB7ymBGmlq'<\/span>;<\/code><\/span><small class=\"shcb-language\" id=\"shcb-language-7\"><span class=\"shcb-language__label\">Code language:<\/span> <span class=\"shcb-language__name\">SQL (Structured Query Language)<\/span> <span class=\"shcb-language__paren\">(<\/span><span class=\"shcb-language__slug\">sql<\/span><span class=\"shcb-language__paren\">)<\/span><\/small><\/pre>\n\n\n<p>For the password, you should use a very strong one.<\/p>\n\n\n\n<p>Third, create a certificate protected by the master key:<\/p>\n\n\n<pre class=\"wp-block-code\" aria-describedby=\"shcb-language-8\" data-shcb-language-name=\"SQL (Structured Query Language)\" data-shcb-language-slug=\"sql\"><span><code class=\"hljs language-sql\"><span class=\"hljs-keyword\">CREATE<\/span> CERTIFICATE TDE_Cert\n<span class=\"hljs-keyword\">WITH<\/span> SUBJECT=<span class=\"hljs-string\">'Database_Encryption'<\/span>;<\/code><\/span><small class=\"shcb-language\" id=\"shcb-language-8\"><span class=\"shcb-language__label\">Code language:<\/span> <span class=\"shcb-language__name\">SQL (Structured Query Language)<\/span> <span class=\"shcb-language__paren\">(<\/span><span class=\"shcb-language__slug\">sql<\/span><span class=\"shcb-language__paren\">)<\/span><\/small><\/pre>\n\n\n<p>Fourth, switch to the test_db:<\/p>\n\n\n<pre class=\"wp-block-code\" aria-describedby=\"shcb-language-9\" data-shcb-language-name=\"SQL (Structured Query Language)\" data-shcb-language-slug=\"sql\"><span><code class=\"hljs language-sql\"><span class=\"hljs-keyword\">USE<\/span> test_db;\nGO<\/code><\/span><small class=\"shcb-language\" id=\"shcb-language-9\"><span class=\"shcb-language__label\">Code language:<\/span> <span class=\"shcb-language__name\">SQL (Structured Query Language)<\/span> <span class=\"shcb-language__paren\">(<\/span><span class=\"shcb-language__slug\">sql<\/span><span class=\"shcb-language__paren\">)<\/span><\/small><\/pre>\n\n\n<p>Fifth, create the database encryption key:<\/p>\n\n\n<pre class=\"wp-block-code\" aria-describedby=\"shcb-language-10\" data-shcb-language-name=\"SQL (Structured Query Language)\" data-shcb-language-slug=\"sql\"><span><code class=\"hljs language-sql\"><span class=\"hljs-keyword\">CREATE<\/span> <span class=\"hljs-keyword\">DATABASE<\/span> ENCRYPTION <span class=\"hljs-keyword\">KEY<\/span>\n<span class=\"hljs-keyword\">WITH<\/span> ALGORITHM = AES_256\nENCRYPTION <span class=\"hljs-keyword\">BY<\/span> <span class=\"hljs-keyword\">SERVER<\/span> CERTIFICATE TDE_Cert;<\/code><\/span><small class=\"shcb-language\" id=\"shcb-language-10\"><span class=\"shcb-language__label\">Code language:<\/span> <span class=\"shcb-language__name\">SQL (Structured Query Language)<\/span> <span class=\"shcb-language__paren\">(<\/span><span class=\"shcb-language__slug\">sql<\/span><span class=\"shcb-language__paren\">)<\/span><\/small><\/pre>\n\n\n<p>Sixth, enable encryption for the test_db database:<\/p>\n\n\n<pre class=\"wp-block-code\" aria-describedby=\"shcb-language-11\" data-shcb-language-name=\"SQL (Structured Query Language)\" data-shcb-language-slug=\"sql\"><span><code class=\"hljs language-sql\"><span class=\"hljs-keyword\">ALTER<\/span> <span class=\"hljs-keyword\">DATABASE<\/span> test_db\n<span class=\"hljs-keyword\">SET<\/span> ENCRYPTION <span class=\"hljs-keyword\">ON<\/span>;<\/code><\/span><small class=\"shcb-language\" id=\"shcb-language-11\"><span class=\"shcb-language__label\">Code language:<\/span> <span class=\"shcb-language__name\">SQL (Structured Query Language)<\/span> <span class=\"shcb-language__paren\">(<\/span><span class=\"shcb-language__slug\">sql<\/span><span class=\"shcb-language__paren\">)<\/span><\/small><\/pre>\n\n\n<p>Seventh, check the encryption progress and status:<\/p>\n\n\n<pre class=\"wp-block-code\" aria-describedby=\"shcb-language-12\" data-shcb-language-name=\"SQL (Structured Query Language)\" data-shcb-language-slug=\"sql\"><span><code class=\"hljs language-sql\"><span class=\"hljs-keyword\">SELECT<\/span> \n\td.name,\n\td.is_encrypted,\n\tdek.encryption_state,\n\tdek.percent_complete,\n\tdek.key_algorithm,\n\tdek.key_length\n<span class=\"hljs-keyword\">FROM<\/span> sys.databases <span class=\"hljs-keyword\">as<\/span> d\n<span class=\"hljs-keyword\">INNER<\/span> <span class=\"hljs-keyword\">JOIN<\/span> sys.dm_database_encryption_keys <span class=\"hljs-keyword\">AS<\/span> dek\n\t<span class=\"hljs-keyword\">ON<\/span> d.database_id = dek.database_id<\/code><\/span><small class=\"shcb-language\" id=\"shcb-language-12\"><span class=\"shcb-language__label\">Code language:<\/span> <span class=\"shcb-language__name\">SQL (Structured Query Language)<\/span> <span class=\"shcb-language__paren\">(<\/span><span class=\"shcb-language__slug\">sql<\/span><span class=\"shcb-language__paren\">)<\/span><\/small><\/pre>\n\n\n<p>Output:<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"723\" height=\"78\" src=\"https:\/\/www.sqlservertutorial.net\/wp-content\/uploads\/sql-server-tde-status.png\" alt=\"\" class=\"wp-image-2908\" srcset=\"https:\/\/www.sqlservertutorial.net\/wp-content\/uploads\/sql-server-tde-status.png 723w, https:\/\/www.sqlservertutorial.net\/wp-content\/uploads\/sql-server-tde-status-300x32.png 300w\" sizes=\"auto, (max-width: 723px) 100vw, 723px\" \/><\/figure>\n\n\n\n<p>The is_ecrypted 1 means the database is encrypted. <\/p>\n\n\n\n<p>The encryption state has one of three values:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>0 &#8211; not encrypted<\/li><li>1 &#8211; the encryption is in progress<\/li><li>3 &#8211; the encryption was completed<\/li><\/ul>\n\n\n\n<p>Eighth, back up the certificate. It&#8217;s important to note that you&#8217;ll need this certificate to restore the database to another database server:<\/p>\n\n\n<pre class=\"wp-block-code\" aria-describedby=\"shcb-language-13\" data-shcb-language-name=\"SQL (Structured Query Language)\" data-shcb-language-slug=\"sql\"><span><code class=\"hljs language-sql\"><span class=\"hljs-keyword\">BACKUP<\/span> CERTIFICATE TDE_Cert\n<span class=\"hljs-keyword\">TO<\/span> <span class=\"hljs-keyword\">FILE<\/span> = <span class=\"hljs-string\">'c:\\cert\\TDE_Cert'<\/span>\n<span class=\"hljs-keyword\">WITH<\/span> <span class=\"hljs-keyword\">PRIVATE<\/span> <span class=\"hljs-keyword\">KEY<\/span> (<span class=\"hljs-keyword\">file<\/span>=<span class=\"hljs-string\">'c:\\cert\\TDE_CertKey.pvk'<\/span>,\nENCRYPTION <span class=\"hljs-keyword\">BY<\/span> <span class=\"hljs-keyword\">PASSWORD<\/span>=<span class=\"hljs-string\">'kKyDQouFJKLB7ymBGmlq'<\/span>);<\/code><\/span><small class=\"shcb-language\" id=\"shcb-language-13\"><span class=\"shcb-language__label\">Code language:<\/span> <span class=\"shcb-language__name\">SQL (Structured Query Language)<\/span> <span class=\"shcb-language__paren\">(<\/span><span class=\"shcb-language__slug\">sql<\/span><span class=\"shcb-language__paren\">)<\/span><\/small><\/pre>\n\n\n<p>Note that the path c:\\tde_cert must exist on the database server. It&#8217;s not the path on your local computer.<\/p>\n\n\n\n<p>Finally, backup the database. This step is optional.<\/p>\n\n\n<pre class=\"wp-block-code\" aria-describedby=\"shcb-language-14\" data-shcb-language-name=\"SQL (Structured Query Language)\" data-shcb-language-slug=\"sql\"><span><code class=\"hljs language-sql\"><span class=\"hljs-keyword\">BACKUP<\/span> <span class=\"hljs-keyword\">DATABASE<\/span> test_db\n<span class=\"hljs-keyword\">TO<\/span>  DISK = N<span class=\"hljs-string\">'c:\\backup\\test_db.bak'<\/span> \n<span class=\"hljs-keyword\">WITH<\/span> NOFORMAT, NOINIT,  <span class=\"hljs-keyword\">NAME<\/span> = N<span class=\"hljs-string\">'Test DB-Full Database Backup'<\/span>, <span class=\"hljs-keyword\">SKIP<\/span>, NOREWIND, NOUNLOAD,  STATS = <span class=\"hljs-number\">10<\/span>\n<span class=\"hljs-keyword\">GO<\/span><\/code><\/span><small class=\"shcb-language\" id=\"shcb-language-14\"><span class=\"shcb-language__label\">Code language:<\/span> <span class=\"shcb-language__name\">SQL (Structured Query Language)<\/span> <span class=\"shcb-language__paren\">(<\/span><span class=\"shcb-language__slug\">sql<\/span><span class=\"shcb-language__paren\">)<\/span><\/small><\/pre>\n\n\n<h2 class=\"wp-block-heading\" id='restore-the-database-to-another-server'>Restore the database to another server <a href=\"#restore-the-database-to-another-server\" class=\"anchor\" id=\"restore-the-database-to-another-server\" title=\"Anchor for Restore the database to another server\">#<\/a><\/h2>\n\n\n\n<p>First, attempt to restore the database without the certificate:<\/p>\n\n\n<pre class=\"wp-block-code\" aria-describedby=\"shcb-language-15\" data-shcb-language-name=\"SQL (Structured Query Language)\" data-shcb-language-slug=\"sql\"><span><code class=\"hljs language-sql\"><span class=\"hljs-keyword\">RESTORE<\/span> <span class=\"hljs-keyword\">DATABASE<\/span> test_db \n<span class=\"hljs-keyword\">FROM<\/span>  DISK = N<span class=\"hljs-string\">'C:\\backup\\test_db.bak'<\/span> \n<span class=\"hljs-keyword\">WITH<\/span>  <span class=\"hljs-keyword\">FILE<\/span> = <span class=\"hljs-number\">1<\/span>,  NOUNLOAD,  STATS = <span class=\"hljs-number\">5<\/span>;<\/code><\/span><small class=\"shcb-language\" id=\"shcb-language-15\"><span class=\"shcb-language__label\">Code language:<\/span> <span class=\"shcb-language__name\">SQL (Structured Query Language)<\/span> <span class=\"shcb-language__paren\">(<\/span><span class=\"shcb-language__slug\">sql<\/span><span class=\"shcb-language__paren\">)<\/span><\/small><\/pre>\n\n\n<p>It failed as expected. Here&#8217;s the error message:<\/p>\n\n\n<pre class=\"wp-block-code\" aria-describedby=\"shcb-language-16\" data-shcb-language-name=\"SQL (Structured Query Language)\" data-shcb-language-slug=\"sql\"><span><code class=\"hljs language-sql\">Msg 33111, Level 16, State 3, Line 1\nCannot find server certificate <span class=\"hljs-keyword\">with<\/span> thumbprint <span class=\"hljs-string\">'0xA1456C76093E2E1E1AE0F1E1A57C29D9755C32C3'<\/span>.\nMsg <span class=\"hljs-number\">3013<\/span>, <span class=\"hljs-keyword\">Level<\/span> <span class=\"hljs-number\">16<\/span>, State <span class=\"hljs-number\">1<\/span>, Line <span class=\"hljs-number\">1<\/span>\n<span class=\"hljs-keyword\">RESTORE<\/span> <span class=\"hljs-keyword\">DATABASE<\/span> <span class=\"hljs-keyword\">is<\/span> terminating abnormally.<\/code><\/span><small class=\"shcb-language\" id=\"shcb-language-16\"><span class=\"shcb-language__label\">Code language:<\/span> <span class=\"shcb-language__name\">SQL (Structured Query Language)<\/span> <span class=\"shcb-language__paren\">(<\/span><span class=\"shcb-language__slug\">sql<\/span><span class=\"shcb-language__paren\">)<\/span><\/small><\/pre>\n\n\n<p>Second, create a certificate from the file and password that we generated in the encryption step:<\/p>\n\n\n<pre class=\"wp-block-code\" aria-describedby=\"shcb-language-17\" data-shcb-language-name=\"SQL (Structured Query Language)\" data-shcb-language-slug=\"sql\"><span><code class=\"hljs language-sql\"><span class=\"hljs-keyword\">CREATE<\/span> CERTIFICATE TDE_Certificate   \n<span class=\"hljs-keyword\">FROM<\/span> <span class=\"hljs-keyword\">FILE<\/span> = <span class=\"hljs-string\">'C:\\cert\\TDE_Cert'<\/span>\n<span class=\"hljs-keyword\">WITH<\/span> <span class=\"hljs-keyword\">PRIVATE<\/span> <span class=\"hljs-keyword\">KEY<\/span>   \n(  \n    <span class=\"hljs-keyword\">FILE<\/span> = <span class=\"hljs-string\">'C:\\cert\\TDE_CertKey.pvk'<\/span>,  \n    DECRYPTION <span class=\"hljs-keyword\">BY<\/span> <span class=\"hljs-keyword\">PASSWORD<\/span> = <span class=\"hljs-string\">'kKyDQouFJKLB7ymBGmlq'<\/span>  \n);<\/code><\/span><small class=\"shcb-language\" id=\"shcb-language-17\"><span class=\"shcb-language__label\">Code language:<\/span> <span class=\"shcb-language__name\">SQL (Structured Query Language)<\/span> <span class=\"shcb-language__paren\">(<\/span><span class=\"shcb-language__slug\">sql<\/span><span class=\"shcb-language__paren\">)<\/span><\/small><\/pre>\n\n\n<p>Third, restore the database:<\/p>\n\n\n<pre class=\"wp-block-code\" aria-describedby=\"shcb-language-18\" data-shcb-language-name=\"SQL (Structured Query Language)\" data-shcb-language-slug=\"sql\"><span><code class=\"hljs language-sql\"><span class=\"hljs-keyword\">RESTORE<\/span> <span class=\"hljs-keyword\">DATABASE<\/span> test_db \n<span class=\"hljs-keyword\">FROM<\/span>  DISK = N<span class=\"hljs-string\">'C:\\backup\\test_db.bak'<\/span> \n<span class=\"hljs-keyword\">WITH<\/span>  <span class=\"hljs-keyword\">FILE<\/span> = <span class=\"hljs-number\">1<\/span>,  NOUNLOAD,  STATS = <span class=\"hljs-number\">5<\/span><\/code><\/span><small class=\"shcb-language\" id=\"shcb-language-18\"><span class=\"shcb-language__label\">Code language:<\/span> <span class=\"shcb-language__name\">SQL (Structured Query Language)<\/span> <span class=\"shcb-language__paren\">(<\/span><span class=\"shcb-language__slug\">sql<\/span><span class=\"shcb-language__paren\">)<\/span><\/small><\/pre>\n\n\n<p>Now, it should work as expected.<\/p>\n<div class=\"helpful-block-content\" data-title=\"\">\n\t<header>\n\t\t<div class=\"wth-question\">Was this tutorial helpful?<\/div>\n\t\t<div class=\"wth-thumbs\">\n\t\t\t<button\n\t\t\t\tdata-post=\"2906\"\n\t\t\t\tdata-post-url=\"https:\/\/www.sqlservertutorial.net\/sql-server-administration\/sql-server-tde\/\"\n\t\t\t\tdata-post-title=\"SQL Server TDE\"\n\t\t\t\tdata-response=\"1\"\n\t\t\t\tclass=\"wth-btn-rounded wth-yes-btn\"\n\t\t\t>\n\t\t\t\t<svg\n\t\t\t\t\txmlns=\"http:\/\/www.w3.org\/2000\/svg\"\n\t\t\t\t\tviewBox=\"0 0 24 24\"\n\t\t\t\t\tfill=\"none\"\n\t\t\t\t\tstroke=\"currentColor\"\n\t\t\t\t\tstroke-width=\"2\"\n\t\t\t\t\tstroke-linecap=\"round\"\n\t\t\t\t\tstroke-linejoin=\"round\"\n\t\t\t\t\tclass=\"feather feather-thumbs-up block w-full h-full\"\n\t\t\t\t>\n\t\t\t\t\t<path\n\t\t\t\t\t\td=\"M14 9V5a3 3 0 0 0-3-3l-4 9v11h11.28a2 2 0 0 0 2-1.7l1.38-9a2 2 0 0 0-2-2.3zM7 22H4a2 2 0 0 1-2-2v-7a2 2 0 0 1 2-2h3\"\n\t\t\t\t\t><\/path>\n\t\t\t\t<\/svg>\n\t\t\t\t<span class=\"sr-only\"> Yes <\/span>\n\t\t\t<\/button>\n\n\t\t\t<button\n\t\t\t\tdata-response=\"0\"\n\t\t\t\tdata-post=\"2906\"\n\t\t\t\tdata-post-url=\"https:\/\/www.sqlservertutorial.net\/sql-server-administration\/sql-server-tde\/\"\n\t\t\t\tdata-post-title=\"SQL Server TDE\"\n\t\t\t\tclass=\"wth-btn-rounded wth-no-btn\"\n\t\t\t>\n\t\t\t\t<svg\n\t\t\t\t\txmlns=\"http:\/\/www.w3.org\/2000\/svg\"\n\t\t\t\t\tviewBox=\"0 0 24 24\"\n\t\t\t\t\tfill=\"none\"\n\t\t\t\t\tstroke=\"currentColor\"\n\t\t\t\t\tstroke-width=\"2\"\n\t\t\t\t\tstroke-linecap=\"round\"\n\t\t\t\t\tstroke-linejoin=\"round\"\n\t\t\t\t>\n\t\t\t\t\t<path\n\t\t\t\t\t\td=\"M10 15v4a3 3 0 0 0 3 3l4-9V2H5.72a2 2 0 0 0-2 1.7l-1.38 9a2 2 0 0 0 2 2.3zm7-13h2.67A2.31 2.31 0 0 1 22 4v7a2.31 2.31 0 0 1-2.33 2H17\"\n\t\t\t\t\t><\/path>\n\t\t\t\t<\/svg>\n\t\t\t\t<span class=\"sr-only\"> No <\/span>\n\t\t\t<\/button>\n\t\t<\/div>\n\t<\/header>\n\n\t<div class=\"wth-form hidden\">\n\t\t<div class=\"wth-form-wrapper\">\n\t\t\t<div class=\"wth-title\"><\/div>\n\t\t\t\n\t\t\t<textarea class=\"wth-message\"><\/textarea>\n\n\t\t\t<button class=\"btn btn-primary wth-btn-submit\">Send<\/button>\n\t\t\t<button class=\"btn wth-btn-cancel\">Cancel<\/button>\n\t\t\n\t\t<\/div>\n\t<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>TDE stands for Transparent data encryption. TDE allows you to\u00a0encrypt SQL Server data files. This encryption is called encrypting data at rest. In this tutorial, we&#8217;ll create a sample database, encrypt it using TDE, and restore the database to another server. Create a test database # First, create a test database called test_db: Next, switch [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"parent":2903,"menu_order":27,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"class_list":["post-2906","page","type-page","status-publish","hentry"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.5 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>SQL Server TDE<\/title>\n<meta name=\"description\" content=\"TDE stands for Transparent data encryption. TDE allows you to\u00a0encrypt SQL Server data files. This encryption is called encrypting data at rest.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.sqlservertutorial.net\/sql-server-administration\/sql-server-tde\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"SQL Server TDE\" \/>\n<meta property=\"og:description\" content=\"TDE stands for Transparent data encryption. TDE allows you to\u00a0encrypt SQL Server data files. This encryption is called encrypting data at rest.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.sqlservertutorial.net\/sql-server-administration\/sql-server-tde\/\" \/>\n<meta property=\"og:site_name\" content=\"SQL Server Tutorial\" \/>\n<meta property=\"article:modified_time\" content=\"2025-09-16T07:01:18+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.sqlservertutorial.net\/wp-content\/uploads\/sql-server-tde-status.png\" \/>\n\t<meta property=\"og:image:width\" content=\"723\" \/>\n\t<meta property=\"og:image:height\" content=\"78\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.sqlservertutorial.net\\\/sql-server-administration\\\/sql-server-tde\\\/\",\"url\":\"https:\\\/\\\/www.sqlservertutorial.net\\\/sql-server-administration\\\/sql-server-tde\\\/\",\"name\":\"SQL Server TDE\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.sqlservertutorial.net\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.sqlservertutorial.net\\\/sql-server-administration\\\/sql-server-tde\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.sqlservertutorial.net\\\/sql-server-administration\\\/sql-server-tde\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.sqlservertutorial.net\\\/wp-content\\\/uploads\\\/sql-server-tde-status.png\",\"datePublished\":\"2022-03-08T09:37:42+00:00\",\"dateModified\":\"2025-09-16T07:01:18+00:00\",\"description\":\"TDE stands for Transparent data encryption. TDE allows you to\u00a0encrypt SQL Server data files. This encryption is called encrypting data at rest.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.sqlservertutorial.net\\\/sql-server-administration\\\/sql-server-tde\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.sqlservertutorial.net\\\/sql-server-administration\\\/sql-server-tde\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.sqlservertutorial.net\\\/sql-server-administration\\\/sql-server-tde\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.sqlservertutorial.net\\\/wp-content\\\/uploads\\\/sql-server-tde-status.png\",\"contentUrl\":\"https:\\\/\\\/www.sqlservertutorial.net\\\/wp-content\\\/uploads\\\/sql-server-tde-status.png\",\"width\":723,\"height\":78},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.sqlservertutorial.net\\\/sql-server-administration\\\/sql-server-tde\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.sqlservertutorial.net\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"SQL Server Administration\",\"item\":\"https:\\\/\\\/www.sqlservertutorial.net\\\/sql-server-administration\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"SQL Server TDE\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.sqlservertutorial.net\\\/#website\",\"url\":\"https:\\\/\\\/www.sqlservertutorial.net\\\/\",\"name\":\"SQL Server Tutorial\",\"description\":\"The Practical SQL Server Tutorial\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.sqlservertutorial.net\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"SQL Server TDE","description":"TDE stands for Transparent data encryption. TDE allows you to\u00a0encrypt SQL Server data files. This encryption is called encrypting data at rest.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.sqlservertutorial.net\/sql-server-administration\/sql-server-tde\/","og_locale":"en_US","og_type":"article","og_title":"SQL Server TDE","og_description":"TDE stands for Transparent data encryption. TDE allows you to\u00a0encrypt SQL Server data files. This encryption is called encrypting data at rest.","og_url":"https:\/\/www.sqlservertutorial.net\/sql-server-administration\/sql-server-tde\/","og_site_name":"SQL Server Tutorial","article_modified_time":"2025-09-16T07:01:18+00:00","og_image":[{"width":723,"height":78,"url":"https:\/\/www.sqlservertutorial.net\/wp-content\/uploads\/sql-server-tde-status.png","type":"image\/png"}],"twitter_card":"summary_large_image","twitter_misc":{"Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.sqlservertutorial.net\/sql-server-administration\/sql-server-tde\/","url":"https:\/\/www.sqlservertutorial.net\/sql-server-administration\/sql-server-tde\/","name":"SQL Server TDE","isPartOf":{"@id":"https:\/\/www.sqlservertutorial.net\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.sqlservertutorial.net\/sql-server-administration\/sql-server-tde\/#primaryimage"},"image":{"@id":"https:\/\/www.sqlservertutorial.net\/sql-server-administration\/sql-server-tde\/#primaryimage"},"thumbnailUrl":"https:\/\/www.sqlservertutorial.net\/wp-content\/uploads\/sql-server-tde-status.png","datePublished":"2022-03-08T09:37:42+00:00","dateModified":"2025-09-16T07:01:18+00:00","description":"TDE stands for Transparent data encryption. TDE allows you to\u00a0encrypt SQL Server data files. This encryption is called encrypting data at rest.","breadcrumb":{"@id":"https:\/\/www.sqlservertutorial.net\/sql-server-administration\/sql-server-tde\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.sqlservertutorial.net\/sql-server-administration\/sql-server-tde\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.sqlservertutorial.net\/sql-server-administration\/sql-server-tde\/#primaryimage","url":"https:\/\/www.sqlservertutorial.net\/wp-content\/uploads\/sql-server-tde-status.png","contentUrl":"https:\/\/www.sqlservertutorial.net\/wp-content\/uploads\/sql-server-tde-status.png","width":723,"height":78},{"@type":"BreadcrumbList","@id":"https:\/\/www.sqlservertutorial.net\/sql-server-administration\/sql-server-tde\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.sqlservertutorial.net\/"},{"@type":"ListItem","position":2,"name":"SQL Server Administration","item":"https:\/\/www.sqlservertutorial.net\/sql-server-administration\/"},{"@type":"ListItem","position":3,"name":"SQL Server TDE"}]},{"@type":"WebSite","@id":"https:\/\/www.sqlservertutorial.net\/#website","url":"https:\/\/www.sqlservertutorial.net\/","name":"SQL Server Tutorial","description":"The Practical SQL Server Tutorial","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.sqlservertutorial.net\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"}]}},"_links":{"self":[{"href":"https:\/\/www.sqlservertutorial.net\/wp-json\/wp\/v2\/pages\/2906","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.sqlservertutorial.net\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.sqlservertutorial.net\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.sqlservertutorial.net\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.sqlservertutorial.net\/wp-json\/wp\/v2\/comments?post=2906"}],"version-history":[{"count":3,"href":"https:\/\/www.sqlservertutorial.net\/wp-json\/wp\/v2\/pages\/2906\/revisions"}],"predecessor-version":[{"id":4623,"href":"https:\/\/www.sqlservertutorial.net\/wp-json\/wp\/v2\/pages\/2906\/revisions\/4623"}],"up":[{"embeddable":true,"href":"https:\/\/www.sqlservertutorial.net\/wp-json\/wp\/v2\/pages\/2903"}],"wp:attachment":[{"href":"https:\/\/www.sqlservertutorial.net\/wp-json\/wp\/v2\/media?parent=2906"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}