Encryption and Mirroring

DbDefence can be used on mirrored databases. You may encrypt both databases: on principal and on mirror server. Or one of them. Encryption works independently.

Principal Server

To encrypt the database on principal server (the database to be mirrored) you need to break the mirror first. It is required because encryption process needs to take the database offline, but SQL Server does not allow that for the mirrored database.

Steps to encrypt mirrored database on principal server:

1. Stop mirroring for the database.

2. Encrypt the database.

3. If your favorite tool to manage database is SSMS, then provide access for SSMS to the encrypted database. If you prefer SQL, then just unlock access to encrypted database with the following query:


then run SQL script to setup a mirror.

4. Start mirroring process.

Mirror Server

There is no special steps needed to encrypt the mirror.