I have an SQL cluster hosting databases for SCCM, SCOM, and WSUS. I wanted to configure encryption so requested a certificate from an internal CA with a subject name of the SQL cluster virtual server. on the nodes of the SQL server there was a self signed certificate created automatically for SCCM. following the instruction in most of the blogs, I replaced the thumbprint of the certificate in the registry to use the thumbprint of the new certificate. the moment the thumbprint was changed the SQL service stopped and the cluster resource for SQL went down. I replaced the thumbprint on both the nodes and still the service does not come up. I replaced the old thumbprint and restarted but the service still does not start. I did a SQL server repair but no luck. the error I get is : unexpected service failure error 1067. now all of my services are down. what can be done to bring back the service to a running state. SQL version I am running on the cluster is 2012 sp1. it a active/passive cluster hosting databases for all my services. I changed the thumbprint as the application catalog role in SCCM was not working and I found some blogs talking about sql encryption and this messed it up for me.