CB Protection: SQL Server Fails to Start After Server Name Change
book
Article ID: 288801
calendar_today
Updated On:
Products
Carbon Black App Control (formerly Cb Protection)
Issue/Introduction
Unable to start the SQL Server services
No certificate listed under SQL Server Configuration Manager > Protocols
SQL Startup errors show:
Unable to load user-specified certificate [Cert Hash(sha1) "<CERTHASH>"]. The server will not accept a connection. You should verify that the certificate is correctly installed. See "Configuring Certificate for Use by SSL" in Books Online.
Environment
CB Protection Server: All Supported Versions
Microsoft SQL Server: All Supported Versions
Cause
This is caused by the SQL Service account, being no longer able to access the private key of the self signed certificate that was set for SQL communication.
Resolution
Open Services.msc
Navigate to SQL Server and double click the service.
Write down the Username on the Log On tab, as you will need that later.
Open IIS Manager
Navigate to the Server Name, and double click Server Certificates
On the right hand panel, select Generate Self Signed Certificates
Specify a name, and click OK
Open MMC
Select File > Add/Remove Snap-in
Select Certificates with the options of Computer Account and Local Computer
Navigate to Personal > Certificates
Right click the new self-signed certificate you generated and select All Tasks > Manage Private Keys
Grant full permissions to the service account you wrote down in step 3
Open SQL Server Configuration Manager
Right click and select Properties on Protocols under SQL Server Network Configuration
On the Certificates tab, select the new Self Signed Certificate