To encrypt columns in existing tables, use the modify column option on the alter table statement:
alter table table_name modify column_name [encrypt [with [database.[owner].]keyname]]
keyname – identifies a key created using create encryption key. The creator of the table must have select permission on keyname. If keyname is not supplied, Adaptive Server looks for a default key created using the as default clause on the create encryption key. See the Adaptive Server Enterprise Reference Manual for the complete alter table syntax.
Encrypting a column in an existing table on which a
trigger has been created causes the alter table to
fail with an error. You must drop the trigger, alter the table for
encryption; then recreate the trigger.
You cannot modify a column for decryption on which you have created
a trigger. You must first drop the trigger, dectrypt the column,
then recreate the trigger.
You cannot change an existing encrypted column or modify a column
for encryption or decryption if that column is a key in a clustered
or placement index. You must drop the index, alter the table, and
then re-create the index.
You can alter the encryption property on a column at the same time you alter other attributes such as datatype and nullability. You can also add an encrypted column using alter table.
For example:
alter table customer modify custid null encrypt with cc_key alter table customer add address varchar(50) encrypt with cc_key
See “alter table” for the complete syntax.
