Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 480
  • Last Modified:

Change from built in account to domain user for sql services causes SSl cert error

All,

Have recently run through a program of creating defined SQL domain accounts to stop using the built in ones.

All has gone fine, except in multiple machines i get the below error

A fatal error occurred when attempting to access the SSL server credential private key. The error code returned from the cryptographic module is 0x80090016.

Im guessing this is due to the new domain user account not having access to the old SSL certs, I have linked them through SQL config manager>> protocols but the error still occurs.

is there any way i can give the new domain user rights to these certs, or if not are we ok to use the self generated certificates?

All help appreciated
0
slam69
Asked:
slam69
  • 3
  • 2
1 Solution
 
illCommented:
try
1. logon on to desktop as sql service domain user
2. insert certificate as logged-in user
0
 
slam69Author Commented:
Ok,

im stuck at home with a bug now today so will try this when im back in teh office and let you know
0
 
slam69Author Commented:
hi ill, ok logged in as service user account and unless i give it local admin rights it wont find the cert, this is against what i want to do.

the cert says it comes with a private key so how best to give it teh certificacte without giving it local admin rights?

Many Thanks
0
 
illCommented:
I thought once you have the cert key cached for the account , you can remove the admin rights.
If the cert is downloaded each time you may try to:
1. use SQL proxy account or
2. set security on a box to allow non-admin user to write to directory where cert are stored
0
 
slam69Author Commented:
Hi I had to use part of the 2003 tool kit which has an app that allows you to permission individual certificates in teh machine store for non -admin users. you do this through the command line and worked like a charm
0

Featured Post

Microsoft Certification Exam 74-409

VeeamĀ® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now