This topic has not yet been rated - Rate this topic

BACKUP MASTER KEY (Transact-SQL)

SQL Server 2012

Exports the database master key.

Topic link icon Transact-SQL Syntax Conventions


          

BACKUP MASTER KEY TO FILE = 'path_to_file' 
    ENCRYPTION BY PASSWORD = 'password'

Arguments

FILE ='path_to_file': Specifies the complete path, including file name, to the file to which the master key will be exported. This may be a local path or a UNC path to a network location.
PASSWORD ='password': Is the password used to encrypt the master key in the file. This password is subject to complexity checks. For more information, see Password Policy.

Remarks

The master key must be open and, therefore, decrypted before it is backed up. If it is encrypted with the service master key, the master key does not have to be explicitly opened. But if the master key is encrypted only with a password, it must be explicitly opened.

We recommend that you back up the master key as soon as it is created, and store the backup in a secure, off-site location.

Permissions

Requires CONTROL permission on the database.

Examples

The following example creates a backup of the AdventureWorks2012 master key. Because this master key is not encrypted by the service master key, a password must be specified when it is opened.

USE AdventureWorks2012;
OPEN MASTER KEY DECRYPTION BY PASSWORD = 'sfj5300osdVdgwdfkli7';
BACKUP MASTER KEY TO FILE = 'c:\temp\exportedmasterkey' 
    ENCRYPTION BY PASSWORD = 'sd092735kjn$&adsg';
GO

Reference

CREATE MASTER KEY (Transact-SQL)

OPEN MASTER KEY (Transact-SQL)

CLOSE MASTER KEY (Transact-SQL)

RESTORE MASTER KEY (Transact-SQL)

ALTER MASTER KEY (Transact-SQL)

DROP MASTER KEY (Transact-SQL)

Concepts

Encryption Hierarchy

Did you find this helpful? Yes No

Not accurate

Not enough depth

Need more code examples

(1500 characters remaining)

Community Additions

ADD