0

I am using Microsoft SQL Azure (RTM) - 12.0.2000.8, where I configured the secure enclave with VBS where I am using keyvalut for creating column master key. All the operators are working fine except like. Able to insert, update with where clause.

Tried with DETERMINISTIC and RANDOMIZED both encryption type.

Below code is working:

EXEC sp_describe_parameter_encryption N'select * from test1 where gender like (@c1)', N'@c1 varchar(10)';

Below code is failing

declare @c1 varchar(10)='%Male%'

select Name from test1 where gender like @c1

error:

An error occurred while executing batch. Error message is: Error occurred when reading 'sp_describe_parameter_encryption' resultset. Attestation URL has not been specified in the connection string, but the query requires enclave computations. Enclave type is 'Virtualization Base Security'.

We are using SSMS version 12.2

Note: I have used all types of datatypes for the column/variable, such as nvarchar, varchar, and char.

Improve this question
2
  • 1
    And did you specify the attestation URL like the docs learn.microsoft.com/en-us/sql/relational-databases/security/… Commented Jun 6 at 12:50
  • Attestation doesn't require in case of VBS as per below, and we are using VBS only. Product Enclave technology Supported attestation protocols SQL Server 2019 (15.x) and later VBS enclaves Host Guardian Service, None Azure SQL Database SGX enclaves (in DC-series databases) Microsoft Azure Attestation Azure SQL Database VBS enclaves None Commented Jun 9 at 10:52

1 Answer 1

Reset to default
-1

An error occurred while executing batch. Error message is: Error occurred when reading 'sp_describe_parameter_encryption' resultset. Attestation URL has not been specified in the connection string, but the query requires enclave computations. Enclave type is 'Virtualization Base Security'.

This error is related to Always Encrypted with Enclaves in SQL Server or Azure SQL Database.and is caused by Always Encrypted feature.

You can try the below at your end:

If you do not want to use parameterization, you can manually declare and assign values to variables in your query. For example:

DECLARE @DB_String VARCHAR(10);
SET @DB_String = 'Redesign';

Alternatively, you can disable parameterization by modifying the connection settings. Right-click on the query window → Connection → Change Connection → Options >> → Additional Connection Parameters, and add:

Column Encryption Setting=Disabled

This will prevent the use of parameter encryption entirely.

However, if you do need to use parameterization with encrypted variables, it currently works reliably only at the individual query level. Stored procedures tend to cause issues with Always Encrypted, especially since they can be executed by users who might have different Column Encryption Setting configurations in their connections.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.