SQL service won´t start up after certificate removal

Question

I have SCCM 2012 + SQL 2008 R2 and I used to have certificates on that server. There are 5 different certs stored locally. I removed CA and SCCM was turned back to http mode, so it doesn´t require any certs. So I desided to remove those certs from local store. After that, SQL service won´t start up, wining about missing cert. I re-enrolled the certs back from CA and add one cert in IIS binding as SSL cert, but it didn´t fix the situation.

The question is, how I get my SQL services to forget about certificate requirements? Or how I can revert the situation back?

I can post error messages later, if that helps.

Answer 1

1. In SQL Server Configuration Manager, expand SQL Server Network Configuration, right-click Protocols for <server instance>, and then selectProperties.

2. In the Protocols for <instance name> Properties dialog box, on the Certificate tab, select the desired certificate from the drop down for theCertificate box, and then click OK.

3. On the Flags tab, in the ForceEncryption box, select No, and then click OK to close the dialog box.  In your case you need to set "Force Protocol Encryption" & "Trust Server Certificate" to No so that all connections to SQL Server will be unencrypted.

4. Restart the SQL Server service.

For more information check out the article http://msdn.microsoft.com/en-us/library/ms191192.aspx

---

Mark as ANSWER if I helped you today :-) www.sql-articles.com

Answer 2

Thanks a lot Vid! You saved my day :)

So I selected one of available certs and turned all to NO, and service restarted fine, and now my SCCM site is working. So do I need to keep those certs?

Answer 3

Right now if you have disabled encryption on TCP port so you need to choose No for "Trust Server Certificate". You can remove it if none of the applications are using it

---

Mark as ANSWER if I helped you today :-) www.sql-articles.com