Answer 1

Hi,
Please check the certificate  you installed is valid by using the follow steps:
1. Open the Certificates snap-in. To do this, see step 1 in the "How to Configure the MMC Snap-in" section.
2. In the Certificates snap-in, expand Personal, and then expand Certificates.
3. In the right pane, locate the certificate that you installed.
4. Determine whether the certificate meets the following requirements:
 a) In the right pane, the value in the Intended Purpose column for this certificate must be server  Authentication.
 b) In the right pane, the value in the Issued To column must be the server name.
5. Double-click the certificate, and then determine whether the certificate meets the following requirements:
 a) On the General tab, you receive the following message:
     You have a private key that corresponds to this certificate.
 b) On the Details tab, the value for the Subject field must be server name.
 c) The value for the Enhanced Key Usage field must be Server Authentication (<number>).
 d) On the Certification Path tab, the server name must appear under Certification path.
If any one of these requirements is not met, the certificate is invalid.

If there are any more questions, please let me know.
Thanks.

Answer 2

Hello Xiao Min Tan,

I have a wildcard certificate  *.domain.com set in my personal certificates for Local Computer, Service (SQL Server (MSSQLSERVER)) and Service (SQL Server Agent (MSSQLSERVER)).

Issued To: *.domain.com
Issued by: Equifax Secure Certificate Authority
Expiration Date: 9/21/2014
Intended Purposes: Server Authentication
Friendly Name: <None>
Status: <blank>
Certificate Template: <blank>

It also states the following: "You have a private key that corresponds to this certificate."

Subject: CN = *.domain.com
             OU = Domain Control Validated - RapidSSL(R)
             OU = See www.rapidssl.com/resources/cps (c)09
             OU = GTXXXXXX
             O = *.domain.com
             C = US

Enhanced Key Usage: Server Authentication (1.3.6.1.5.5.7.3.1)
                                Client Authentication (1.3.6.1.5.5.7.3.2)

It meets all the requirements you stated.

What is wrong?

Thank you.

Didier

Answer 3

Here is the issue we are having:

We are trying to enable SSL encryption  for an instance of SQL server  2005.

Here is the document as our reference. http://support.microsoft.com/kb/316898

Step by step, we installe SSL certificate  in MMC and everything looks OK, but when we go to sql  server configuration manager, from certificate tab, we can't find any certificate from the download list.

We installed SSL certificate in the Personal container under the computer account and the SQL Service account.

We named the SSL certificate the same way we named the server.


Thank you.

Now I understand more about it, The link you provided is very useful.

Answer 4

This topic may be helpful: http://support.microsoft.com/kb/316898 Note the section under troubleshooting where it discusses the problem - After you successfully install the certificate, the certificate  does not appear in the Certificate list on the Certificate tab.