Enable the EDSV multi-usage combination for asymmetric keys

1min

For this step, you must log in with an identity that has a role with permissions Security:Key Settings. You can use the default Administrator role and Admin identities.
Microsoft SQL Always Encrypted requires asymmetric keys with multiple usages, which you can configure, but is not enabled by default on the . The specific multi-usage combination required is EDSV.
Use one of the following methods to enable the EDSV multi-usage combination for asymmetric keys:
Excrypt Manager
FXCLI
1
Go to the Extended Options menu. In the Usage section, a drop-down list enables you to select Asymmetric Authorize or Asymmetric Anonymous. 
If you configured mutual authentication for the connection between the  FXCNG module and the  in the previous section, select Asymmetric Authorize. 
If you configured server-side authentication in the previous section, select Asymmetric Anonymous. 
After selecting one of the options, select [ Add ].
2
Select the EDSV usage combination and select [ OK ].
3
Select [ Save ] to save the changes.
Choose one of the following options based on your connection method:
1
If you configured mutual authentication for the connection between the  FXCNG module and the  in the previous section, run the following multi-usage add FXCLI command to add the EDSV multiusage combination for asymmetric keys for authorized users:
FXCLI
multi-usage add --asymmetric --auth -edsv
multi-usage add --asymmetric --auth -edsv
﻿
2
If you configured server-side authentication in the previous section, run the following multi-usage add FXCLI command to add the EDSV multi-usage combination for asymmetric keys for anonymous users:
FXCLI
multi-usage add --asymmetric --anon -edsv
multi-usage add --asymmetric --anon -edsv
﻿
﻿

Updated 26 Aug 2024

Did this page help you?

Configure TLS authentication

Edit the Futurex CNG configuration file