I'm wondering if there is a way to create an AES key based off a key that was created through another application. In other words, I don't want SQL Server to create the AES key I want it to store a pre-existing one. It would be ideal if once the pre-existing key has been added that it would be protected by the SQL Server certificate.
Does that make sense?
I didn't see how the CREATE SYMMETRIC KEY or the ALTER SYMMETRIC KEY would let me do this.
If I can't do this, then does anyone know where I can find the APIs neccessary to create a simple EKM provider? I haven't been able to find much documentation on that either.
I think EKM may solve your problem, SQL Server provides data encryption capabilities together with Extensible Key Management (EKM), using the Microsoft Cryptographic API (MSCAPI) provider for encryption and key generation.
Microsoft is conducting an online survey to understand your opinion of the Technet Web site. If you choose to participate, the online survey will be presented to you when you leave the Technet Web site.