Experience True 24/7 Support Services

Embrace an end-to-end support with preventive care for your Microsoft SQL Server to keep the databases healthy and running. 

SQL Server Severity 17 Error 13805

SQL Server Error 13805, Severity 17 corresponds to encryption issues or problems encountered while working with cryptographic providers. This error message is associated with a key handling problem when SQL Server tries to use an Extensible Key Management (EKM) provider for encryption or decryption operations. A typical scenario involves misconfiguration or connection issues between SQL Server and the external EKM module.

Severity 17 indicates that this is not a user-level problem, but rather something caused by resource constraints, incorrect configurations, or environmental failures.

Common causes: 

  • Improper Configuration of Cryptographic Providers: The cryptographic provider details may be incorrectly configured in SQL Server, resulting in communication errors.     
  • Missing External Libraries/Drivers: If using an external Extensible Key Management device (e.g., Hardware Security Module), necessary libraries/drivers may not be installed on the server.  
  • Connectivity Issues With EKM Provider Service: Network-related issues could block communication between your database instance and the external security devices/services.     
  • Permission Problems: The account running the SQL Server service might lack proper privileges required for accessing keys from the cryptographic provider. 
  • Provider Timeout Or Misconfigured Algorithms: Incorrect algorithms specified during setup can cause incompatibility that results in failure during encryption/decryption attempts. 

Guidance for Troubleshooting:  

Verify Current Configuration Run T-SQL queries against system views related to Cryptographic Providers. List all registered cryptographic providers.

SELECT * FROM sys.dm_crypt_provider_properties;

Check current Encrypted Symmetric Keys status.

SELECT * FROM sys.symmetric_keys;

Validate if there are any discrepancies such as missing properties (`module_path`) or unused entries which may indicate stale configuration settings. 

Check Encryption Algorithm Compatibility Ensure that you’re using a compatible algorithm supported by both SQL Server and your specific EKM/crypto-provider setup. Example Encryption Setup Validation Query: 

CREATE SYMMETRIC KEY <KeyName> WITH ALGORITHM = AES_256  
ENCRYPTION BY PROVIDER MY_CRYPT_PROVIDER_NAME; 

If this query fails with error code 13805, there’s likely a compatibility issue at play; consult documentation from your crypto-provider vendor.

Validate Permissions For Service Account The Windows account under which MSSQLSERVER runs must have adequate permissions to access resources needed by third-party plugins/libraries involved here!

Get started today.
Get more for your investments.