USE master;

GO

select * from sys.symmetric_keys

select * from sys.databases where is_encrypted=1

SELECT * FROM sys.certificates

/* encryption_state = 3 is encrypted */

SELECT DB_NAME(database_id), * FROM sys.dm_database_encryption_keys   WHERE encryption_state = 3 

USE master

GO

CREATE MASTER KEY ENCRYPTION BY PASSWORD = 'Use_Complicated_password'

go

--optional

BACKUP MASTER KEY

TO FILE = 'D:\SQL Backups\master_key.bak'

ENCRYPTION BY PASSWORD = '+++++'

go

--optional

BACKUP SERVICE MASTER KEY

TO FILE = 'D:\SQL Backups\service_master_key.bak'

ENCRYPTION BY PASSWORD = '+++++' 

go

CREATE CERTIFICATE TDECert2 /* name it as you prefer */

/* both backup files had been created on original server using BACKUP CERTIFICATE command */   

FROM FILE = 'D:\SQL Backups\certificate_TDECert1.cer.bak'  

WITH PRIVATE KEY (FILE = 'D:\SQL Backups\certificate_TDE_Key.pvk.bak', 

/* password was set during backing up keys on original servers */

DECRYPTION BY PASSWORD = 'Password_Neccessary_To_Restore') 

USE master;

GO

restore database WorkspaceDB from disk='D:\SQL Backups\WorkspaceDB_TDE.bak'

with

  recovery,file=1,stats=25

  ,move 'WorkspaceDB' to 'D:\SQLData\WorkspaceDB.mdf'

  ,move 'WorkspaceDB_log' to 'D:\SQLData\WorkspaceDB.ldf'

go

--optionally (because you have backup from original server) but recommended back up certificate on new server

BACKUP CERTIFICATE TDECert2 

TO FILE = 'F:\SQLBackup\certificate_TDECert2.cer.bak'

WITH PRIVATE KEY

(FILE = 'F:\SQLBackup\certificate_TDECert2_Key.pvk.bak',

ENCRYPTION BY PASSWORD = 'Use_Strong_Password_Neccessary_To_Restore_Later')