I posted this issue a while back but wasn't able to try a solution because we couldn't get downtime. Anyways, a user suggested changing the Service account using SQL server configuration manager and then trying. Last Friday, I tried this and it didn't make a difference when I tried to roll the instance to another node in the cluster (all databases that are encrypted said "Recovery Pending"). At this point, I would like to remove TDE completely and re add. Does anyone see any issues with this? It makes sense to me since we just consolidated some instances and would be cleaner to use 1 certificate.
Thanks!