Link to home
Create AccountLog in
Avatar of Aamer-
Aamer-

asked on

MSSQLSERVICE not starting. error 1067

I have an SQL cluster hosting databases for SCCM, SCOM, and WSUS. I wanted to configure encryption so requested a certificate from an internal CA with a subject name of the SQL cluster virtual server. on the nodes of the SQL server there was a self signed certificate created automatically for SCCM. following the instruction in most of the blogs, I replaced the thumbprint of the certificate in the registry to use the thumbprint of the new certificate. the moment the thumbprint was changed the SQL service stopped and the cluster resource for SQL went down. I replaced the thumbprint on both the nodes and still the service does not come up. I replaced the old thumbprint and restarted but the service still does not start. I did a SQL server repair but no luck. the error I get is : unexpected service failure error 1067. now all of my services are down. what can be done to bring back the service to a running state. SQL version I am running on the cluster is 2012 sp1. it a active/passive cluster hosting databases for all my services. I changed the thumbprint as the application catalog role in SCCM was not working and I found some blogs talking about sql encryption and this messed it up for me.
Avatar of arnold
arnold
Flag of United States of America image

You likely have not transferred the private key of the certificate.

Such undertakings should only be done in a test environment with good backups.
you would need to use the osql command line to try and revert what you did.

the certificate is not part of the user/service certificate store.......
try to undo all what you set and reboot nodes
did you make these changes on both nodes?
did you try to do fail over to  2nd node?
did you reboot boxes?
what errors do you see in event viewer?
in cluster error log?
more details is better
--
Are you using the cluster service as domain login with local admin rights on the both nodes?


what blogs instructions did you use?

did you see this one?

https://social.msdn.microsoft.com/Forums/sqlserver/en-US/01a0191f-88d4-4e67-8017-fd26a1dec1fc/ssl-thumbprint-registry-setting-for-sql-server-2008-clustered-on-windows-server-2008?forum=sqlsetupandupgrade
ASKER CERTIFIED SOLUTION
Avatar of Daniel_PL
Daniel_PL
Flag of Poland image

Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account