Symptoms

When attempting to install K2 against Azure SQL as per documentation:

https://help.k2.com/onlinehelp/k2blackpearl/icg/current/Content/Install/AzureSQL/AzureSQL_BP.htm

The installation fails with:

32:25: DBQuery.RunQuery: 14:55:14:>> Exception occurred while running query: The key is not encrypted using the specified decryptor.

32:24: Log.WriteUnindent: 14:55:14:>> End RunQuery

32:24: RecreateEncryptionKey.Create: 14:55:14:andgtandgt Logged Error: Could not create cert and master key: System.Data.SqlClient.SqlException (0x80131904): The key is not encrypted using the specified decryptor. When attempting to start the K2 server, we get the following error: Error 2001 Error Starting Host Server: Cannot find the symmetric key 'SCSSOKey', because it does not exist or you do not have permission.
 

Diagnoses

It was determined that the Azure SQL server had Auditing & Threat Detection enabled. Threat Detection causes the master keys to be created automatically for all the databases on the server, which is causing problems for the K2 installer since the password is different.
 

Resolution

Threat Detection was disabled and the existing master key dropped to allow for installation of K2. It was indicated that it may also be possible to turn Threat Detection back on after successful installation of K2.