I have implemented SQL Server TDE 2017 with an external hardware security module
We faced a intermittent issue. We kept encountered an error has occurred during decryption. we have to restart sql server services and it solved the issue
Does SQL Server access the HSM to retrieve the asymmetric key to decrypt the database encryption key when it first start up SQL Server service (one time retrieval) and store the decrypted database encryption key into a secure area in memory? or SQL Server service has to keep decrypt the database encryption key frequently?