Rotating the Master Key on the Active SQL Server Node

1. Ensure that you are running on the active node for the database that you intend to encrypt. You can do this by checking the Windows Failover Cluster Manager or the SQL Server Management Studio.

2. Rotate the master key using the following script: 

   PS> .\encryptclust.ps1 -database <my_test_db> -config .\entrust.conf -rotate

   Where:

   • -database is the name of the database.

   • -config is the name of the configuration file that you updated.

   • -rotate provides the information that the database is already encrypted and the key needs to be rotated.