This documentation is archived and is not being maintained.

How to: Back Up the Reporting Services Encryption Key

For a single-server deployment of Visual Studio Team System Team Foundation Server, you can back up the encryption key by using the Reporting Services Configuration tool or the RSKEYMGMT command-line tool that SQL Server provides. For a dual-server or cluster deployment, you must use RSKEYMGMT.

Required Permissions

To perform this procedure, you must be a member of the Local Administrator group, which has the role of a Content Manager in SQL Server Reporting Services, or have the Manage report server security permission set to Allow. For more information, see Team Foundation Server Permissions or the following pages on the Microsoft Web site: "Administering a Report Server Database" for SQL Server 2005 or "Administration (Reporting Services)" for SQL Server 2008.

To back up the encryption key by using the Reporting Services Configuration tool

  1. On the server that is running SQL Server Reporting Services, click Start, point to All Programs, point to Microsoft SQL Server, point to Configuration Tools, and then click Reporting Services Configuration.

    The Report Server Installation Instance Selection dialog box opens.

  2. Type the name of the data-tier server and database instance, and then click Connnect.

  3. In the left navigation bar, click Encryption Keys, and then click Backup.

    The Encryption Key Information dialog box opens.

  4. In Password, type a password for the file.

  5. Next to Key File, click the browse button (…).

    The Save As dialog box opens.

  6. Type a file name for the encryption key, and click OK twice.

To back up the encryption key by using RSKEYMGMT

  1. Open the Command Prompt window, and change directories to the location of the RSKEYMGMT tool.

    By default, the tool is located in the following directory:

    Drive:\Program Files\Microsoft SQL Server\90\Tools\Binn


    Even if you are logged on with administrative credentials, you must open an elevated Command Prompt to perform this function on a server that is running Windows Server 2008. To open an elevated Command Prompt, click Start, right-click Command Prompt, and click Run as Administrator. For more information, see the Microsoft Web site.

  2. Use RSKEYMGMT with its -e, -f, and -p parameters to back up the encryption key and protect it with a password.

    For example, the following command line extracts the key, creates a file on the drive C named MyRSKeyBackUp, and specifies a password.

    RSKEYMGMT -e -f c:/MyRSKeyBackUp -p StrongPassword


    For more information about RSKEYMGMT, type RSKEYMGMT /? at a command prompt.