Linked server connection fails with “An error occurred during decryption”
Posted by Karthick P.K on January 9, 2012
We might get Error: 15466, Severity: 16, State: 2 An error occurred during decryption while installing Projects servers (or) Sending mails using database mail (or) Linked server connections might fail with Msg 15593, Level 16, State 1, Line 1
Linked server connection fails with below error
{
Failed to retrieve data for this request. (Microsoft.SqlServer.Management.Sdk.Sfc)
——————————
ADDITIONAL INFORMATION:
An exception occurred while executing a Transact-SQL statement or batch. (Microsoft.SqlServer.ConnectionInfo)
——————————
An error occurred during decryption. (Microsoft SQL Server, Error: 15466)
Msg 15593, Level 16, State 1, Line 1
An error occurred while decrypting the password for linked login ‘distributor_admin’ that was encrypted by the old master key. The error was ignored because the FORCE option was specified.
}
Database mail might fail with below error
{
Set mail server login password failed for MailServer ‘Domain’. (Microsoft.SqlServer.Smo)
An exception occurred while executing a Transact-SQL statement or batch. (Microsoft.SqlServer.ConnectionInfo)
An error occurred during decryption. (Microsoft SQL Server, Error: 15466)
}
Or
You notice below errors in SQL Server errorlogs
spid10s Error: 15581, Severity: 16, State: 3.
Please create a master key in the database or open the master key in the session before performing this operation.
Cause
SQL Server service account was changed from services control manager (or) service master key was not backed up and restored when migrating SQL Server to another computer domain.
{
http://msdn.microsoft.com/en-us/library/ms187788.aspx
To change the SQL Server service account, use SQL Server Configuration Manager. To manage a change of the service account, SQL Server stores a redundant copy of the service master key protected by the machine account that has the necessary permissions granted to the SQL Server service group. If the computer is rebuilt, the same domain user that was previously used by the service account can recover the service master key. This does not work with local accounts or the Local System, Local Service, or Network Service accounts. When you are moving SQL Server to another computer, migrate the service master key by using backup and restore.
The REGENERATE phrase regenerates the service master key. When the service master key is regenerated, SQL Server decrypts all the keys that have been encrypted with it, and then encrypts them with the new service master key. This is a resource-intensive operation. You should schedule this operation during a period of low demand, unless the key has been compromised. If any one of the decryptions fail, the whole statement fails.
The FORCE option causes the key regeneration process to continue even if the process cannot retrieve the current master key, or cannot decrypt all the private keys that are encrypted with it. Use FORCE only if regeneration fails and you cannot restore the service master key by using the RESTORE SERVICE MASTER KEY statement.
}
Resolution
Regenerate the service master key using ALTER SERVICE MASTER KEY REGENERATE
If you receive the following error message when running ALTER SERVICE MASTER KEY REGENERATE.
{
The current master key cannot be decrypted. If this is a database master key, you should attempt to open it in the session before performing this operation. The FORCE option can be used to ignore this error and continue the operation but the data encrypted by the old master key will be lost.
}
We are left with only option to force regenerating service master key using “ALTER SERVICE MASTER KEY FORCE REGENERATE “.
Note:The service master key is the root of the SQL Server encryption hierarchy. The service master key directly or indirectly protects all other keys and secrets in the tree. If a dependent key cannot be decrypted during a forced regeneration, the data the key secures will be lost.
If you liked this post, do like us on Facebook at https://www.facebook.com/mssqlwiki and join our Facebook group https://www.facebook.com/mssqlwiki#!/groups/454762937884205/
Thank you,
Karthick P.K |My Facebook Page |My Site| Blog space| Twitter
MSSQLWIKI 
Bibi Birckhead said
Really good info can be found on web blog.
Edgar Nunes said
This post and Karthick’s advice saved my ass. Thank you very much.
routzong said
Thanks so much, this fixed my problem!!!
dustin0Bail.weddingwindow.com said
Awesome! Its really remarkable article, I have got much clear idea regarding from this piece of writing.
coupon code said
Thank you a bunch for sharing this with all people you actually recognise what you’re speaking about!
Bookmarked. Please additionally discuss with my web site =).
We may have a hyperlink exchange contract among us
Top SQL Server blogs from MSSQLWIKI « MSSQLWIKI said
[…] Linked server connection fails with “An error occurred during decryption” […]
child bicycle trailer gumtree said
Hello, I wish for to subscribe for this weblog to get
most recent updates, thus where can i do it please help out.
BestGreta said
I have noticed you don’t monetize your blog, don’t waste your traffic,
you can earn extra cash every month because you’ve got high quality content.
If you want to know how to make extra money, search for: Ercannou’s essential tools best adsense alternative
jennifer Carpenter seth avett said
jennifer Carpenter seth avett
Linked server connection fails with “An error occurred during decryption” « MSSQLWIKI