To encrypt columns in existing tables, use the modify column option on the alter table statement with the encrypt clause:
alter table table_name modify column_name [encrypt [with [[database.][owner].]keyname]]
keyname – identifies a key created using create encryption key. The creator of the table must have select permission on keyname. If keyname is not supplied, Adaptive Server looks for a default key created using the as default clause on the create encryption key.
See the Adaptive Server Enterprise Reference Manual for the complete syntax for alter table.
There are restrictions on modifying encrypted columns:
You cannot modify a column for encryption or decryption on which you have created a trigger. You must:
Drop the trigger.
Encrypt or decrypt the column.
Re-create the trigger.
You cannot change an existing encrypted column, modify a column for encryption or decryption on a table, or modify the type of an encrypted column if that column is a key in a clustered or placement index. You must:
Drop the index.
Alter the table/modify the type of column.
Re-create the index.
You can alter the encryption property on a column at the same time you alter other attributes. You can also add an encrypted column using alter table.
For example:
alter table customer modify custid null encrypt with cc_key alter table customer add address varchar(50) encrypt with cc_key
