Sql-docs: "Allow Enclave Computations" option is missing

Created on 25 Jun 2019  ·  10Comments  ·  Source: MicrosoftDocs/sql-docs

I did all steps successfully until "Step 5: Provision enclave-enabled keys" where the "Allow Enclave Computations" option doesn't show up for me. Are there some missing steps that I need to do?

OS: Windows Server 2019 data center.
SQL Server 2019 CTP3 Eval - Developer version.


Document Details

Do not edit this section. It is required for docs.microsoft.com ➟ GitHub issue linking.

Pri2 assigned-to-author bug securittech sqprod

All 10 comments

I got this very same error: https://social.msdn.microsoft.com/Forums/en-US/e5fd5f37-077d-4460-9d79-c663ad6f714f/sql-2019-missing-quotallow-enclave-computationsquot-amp-no-enclave-provider-found-for?forum=sqlsecurity

Information of my environment:
SQL Server Management Studio 15.0.18131.0 (v18.1)
Microsoft Analysis Services Client Tools 15.0.1347.0
Microsoft Data Access Components (MDAC) 10.0.17763.1
Microsoft MSXML 3.0 6.0
Microsoft Internet Explorer 9.11.17763.0
Microsoft .NET Framework 4.0.30319.42000
Operating System 10.0.17763


SELECT [name], [value], [value_in_use] FROM sys.configurations
WHERE [name] = 'column encryption enclave type';

return

column encryption enclave type  1   1

You have mostly likely encountered the bug, which is documented in the release notes at: https://docs.microsoft.com/en-us/sql/sql-server/sql-server-ver15-release-notes?view=sqlallproducts-allversions#loading-enclave-fails. The bug causes a failure when loading the enclave library. The checkbox does not appear in SSMS, because the server does not have an active enclave (due to the bug).

We have fixed this issue in the upcoming CTP 3.1 that will ship soon. Once it is released, please install it on your SQL machine, and you should be able to resume the tutorial.

The fine answer provided by jaszymas constitutes a Fix for this Issue 2376. Closing now.

@thuannguy Thank you for submitting this Issue. We hope to hear from you again.

The @ notification mechanism continues to work even after an item is Closed, in case further communication is needed.

@MightyPen

It seems that the release note was updated yesterday and the part about that security enclave loading bug was removed. Is it still included in CTP 3.1?

https://github.com/MicrosoftDocs/sql-docs/commit/419f46ae2012bce65d670e40457aeb77256307a8#diff-171b0d35ed7df7953cc87e9c7b78bd08

@thuannguy I am unsure what you meant by the word "it". But our proper practice is the treat the Release Notes as true, partly because they are well scrutinized before being published.

In this particular case, the previous text about the bug was deliberately removed. Personally I take that to mean that the bug is fixed in CTP 3.1. It would be unusual for us to keep a list of old fixed bugs from old CTP versions in the Release Notes of the latest CTP release. I have no reason to doubt my conclusion that the bug is fixed in CTP 3.1, but again for official statements, the Release Notes is the official word.

If you see something that is wrong about the Release Notes, please let us know.
Thanks.

Yes, the bug was fixed in CTP 3.1 (as I indicated earlier), and that's why the corresponding entry was removed from the release notes.

thank you for your swift response. I can confirm that CTP 3.1 fixes my issue 😄

We are running on Microsoft SQL Server 2019 (RC1) - 15.0.1900.25 (X64) Developer Edition and are still unable to follow Step 5 due to enlave errors.

We are also seeing 'Internal enclave error: Cannot initialize the VBS enclave. Load method: 敇䕴据慬敶' in the Event Logs.

We've been told thet CTP 3.1 should have been included in 15.0.1900.25 but we're still hitting this issue.

Here are few suggestions for troubleshooting this issue.

  1. Run the following query SELECT [name], [value], [value_in_use] FROM sys.configurations WHERE [name] = 'column encryption enclave type';
    both value and value_in_use should be 1. If value = 1, but value_in_use = 0, restart your server and check again.
  2. If both value = 1 and value_in_use = 1, run the following query: select * from sys.dm_column_encryption_enclave. If the view contains exactly 1 row, the enclave has loaded properly. If the view contains no rows, check the SQL Server error log for enclave initialization errors - see https://review.docs.microsoft.com/en-us/sql/relational-databases/performance/view-the-sql-server-error-log-sql-server-management-studio. Please let us know what you find in the error log, and we will be happy to help investigate further.
  3. if the query from the above step returned 1 row (i.e. the enclave is healthy), please check the version of SSMS. Version 18 or higher is required. We recommend the latest release: 18.3.1.

Please, let us know the outcome of your investigation.

Thanks.

Newer Issue #3414 is a continuation of this Issue #2376 .

Was this page helpful?
0 / 5 - 0 ratings