When K2 databases are moved from one SQL server or instance to a different SQL server or instance, and the K2 Setup Manager is used to reconfigure the database connections in K2, encrypted data may no longer be accessible by K2.


K2 uses data encyption to protect sensitive data, such as SQLUM credentials, SmartObject service instance passwords, cached SSO and Run As credentials, and SmartBox data marked as encrypted. When the K2 database (consolidated or multiple) is relocated to a new SQL server, the K2 server may no longer be able to decrypt the data. The cause of this issue is due to the K2 Setup Manager dropping and recreating the encryption key based on the database move. This behavior no longer occurs in K2 4.6.3 and later releases.

If you reconfigured a database prior to K2 4.6.3, it may be necessary to re-encrypt the data manually. In most cases there is no encrypted data stored in the K2 database. However, if you believe you have encrypted data that is no longer accessible after a database move, contact K2 Support.