Search code examples
sql-serverpowershellalways-encryptedcng

Always encrypted provisioning CNG with powershell exception

I'm having a problem while making a powershell script for creation of Always Encrypted column encryption keys

When I run these functions from the SqlServer powershell module, I get the following error.

# $cngProviderName "Microsoft Software Key Storage Provider";
# $cngKeyName = name of the CngKeyIdentifier
$cmkSettings = New-SqlCngColumnMasterKeySettings -CngProviderName $cngProviderName -KeyName $cngKeyName;

# This command is throwing the exception
$encryptedValue = New-SqlColumnEncryptionKeyEncryptedValue -TargetColumnMasterKeySettings $cmkSettings

S System.TypeInitializationException: The type initializer for 'Microsoft.SqlServer.Management.AlwaysEncrypted.Types.AlwaysEncryptedManager' threw an exception. ---> System.Reflection.TargetInvocationException: Exception has been thrown by the target of an invocation. ---> System.TypeInitializationException: The type initializer for 'Microsoft.SqlServer.Management.AlwaysEncrypted.Management.AlwaysEncryptedManagement' threw an exception. ---> System.TypeLoadException: Method 'get_SerializationSettings' in type 'Microsoft.Azure.KeyVault.KeyVaultClient' from assembly 'Microsoft.Azure.KeyVault, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35' does not have an implementation.

I'm really puzzled as to why I'm getting the error, I'm not using the Azure KeyVault based functionality, and I'm not sure why I get this reflection error.

I've tried extensively looking for this error, but I couldn't find the problem. When using the certificate based approach I get the same problem.

Is there any one who can tell me how to resolve this issue?

Solution

  • After looking into assembly dependencies and how these work in powershell, I looked at "Microsoft.Azure.KeyVault" and figured that it could be in conflict with existing Azure modules that I've loaded.

    After removing all of the Azure modules in powershell: (src): https://learn.microsoft.com/en-us/azure-stack/operator/azure-stack-powershell-install?view=azs-2008

    Get-Module -Name Azure* -ListAvailable | Uninstall-Module -Force -Verbose -ErrorAction Continue Get-Module -Name Azs.* -ListAvailable | Uninstall-Module -Force -Verbose -ErrorAction Continue Get-Module -Name Az.* -ListAvailable | Uninstall-Module -Force -Verbose -ErrorAction Continue

    I managed to run my script. In removing them I ensured there weren't any conflicts.