Adding an SSL cert for each SQL instance RRS feed

  • Question

  • We have a SQL Server 2008 clustered environment (Active/Passive) with three instances.  We have attempted to add a unique certificate for each instance. From what we understand, in order to use an SSL cert when the cert name does not match the name of the server, the following must be done:


    In order to use a SSL certificate when the certificate name does not match the name of the server you must do the following.

    1.) Log in to the SQL Server with the CLUSTER USER ACCOUNT and install the certificate to the local store

    2.) Retrieve the thumbprint of the SSL certificate that was installed.

    3.) Place the certificate thumbprint in a binary key at the following location in the registry on each SQL server in the cluster. (Note: clip 2)

                    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\SuperSocketNetLib


    Having followed this technique for each instance on the cluster servers they have only been successful in getting the first (Default) instance of sql server to properly load the certificate, all others fail adding the certificate. What is the process for adding an SSL cert for each instance?


    Thursday, November 18, 2010 5:20 PM

All replies

  • Hi,

    Thanks for your post!

    Did you get any error message?


    Please remember to click "Mark as Answer" on the post that helps you, and to click "Unmark as Answer" if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
    Friday, November 19, 2010 6:19 AM