Don't miss out Virtual Happy Hour this Friday (April 26).

Try our conversational search powered by Generative AI!

AI OnAI Off

Migration with Mediachase_ECF50_MDP_Key

Yan Cloutier
Yan Cloutier
Vote:
 

Hi,

In our migration from Commerce 8.17.0 to 12.8.0, we got an error in the "Migrating table 'CatalogNodeEx_Brands'" step:

Migrates published Catalog Content has failed with exception 'System.Data.SqlClient.SqlException (0x80131904): Cannot find the symmetric key 'Mediachase_ECF50_MDP_Key', because it does not exist or you do not have permission. Cannot find the symmetric key 'Mediachase_ECF50_MDP_Key', because it does not exist or you do not have permission

I've found out that we had to run the EncryptionSupport.sql to fix the issue but we were wondering why we had to create the certificate and all if we don't use encryption in EpiServer.

It seems that the CatalogContentProperty_Migrate stored proc opens the key if we're not AzureCompatible:

BEGIN
IF dbo.mdpfn_sys_IsAzureCompatible() = 0 -- Fields will be encrypted only when only when DB does not support Azure
BEGIN
--update encrypted field: support only LongString field
EXEC mdpsp_sys_OpenSymmetricKey

Is there a way to migrate without having to create the key and then manage it or now we have to do it?

#197692
Oct 10, 2018 16:48
Quan Mai
Quan Mai
Vote:
 

If you are not using encryption at all, then EncryptionSupport.sql is quite ... harmless. If you ran it then it should not cause trouble to you.

In case you want more "pure" solution, you can run this (remember to back up and proceed with caution)

UPDATE dbo.AzureCompatible SET AzureCompatible = 1

Btw, upgrading from 8.17 to 12.8 is a big improvement and I'm happy you are doing it. Next step, please keep your site up to date!

#197697
Oct 10, 2018 17:13
Yan Cloutier
Yan Cloutier
Vote:
 

If I set AzureCompatible to 1, can it affects something in our commerce site or is it affecting only the migration?

I saw the certificate on the SQL server has an expiry date of 1 year, do we need to renew it every year?

#197705
Oct 10, 2018 19:42
Quan Mai
Quan Mai
Vote:
 

It is a side-wise setting, but it is only for encryption. if you are not using encryption, and if you don't plan to, it does not matter.

after that you can forget about the certificate 

#197706
Oct 10, 2018 20:47
This topic was created over six months ago and has been resolved. If you have a similar question, please create a new topic and refer to this one.
* You are NOT allowed to include any hyperlinks in the post because your account hasn't associated to your company. User profile should be updated.