Don't really know if this should be posted in "High Availability and Disaster Recovery" or "Service Broker" so I post here in the generic forum.
We have a three-server setup where almost all databases on Server1 are mirrored on Server2. Server3 plays the role of Witness in the mirror and is also used for archiving databases that are fed from some of the mirrored databases by using Service Broker.
These archive databases used to be located on Server2 but since the SSB route changed from external to local during a fail-over we wanted to move them to a third server so that the archiving didn't stop during a fail-over. We now have that third server but
the problem hasn't stopped.
As long as Server1 is the principal everything works fine but when we fail-over to Server2 the messages just keeps accumulating in the TransmissionQueue with a message that says that Service Broker could not decrypt the message, I don't have the exact message now since our systems had problems during the last fail-over and therefore I am not allowed to do a fail-over until that is fixed.
I have tried to rebuild the security on Server2 to make it identical to Server1. From the master databases master key, via the specific database's master keys, to the certificates and users used by Service Broker. My gut feeling tells me that either I have
missed the security somewhere high up in the chain or this particular setup is not supported by SQL Server. We were running SQL Server 2008 R2 SP1 on all three machines but have now upgraded to SP2.
I really hope that someone on this forum can set me on the right path and is willing to help me out.
Thanks for your time
DS
