SSL Certificate missing from dropdown in SQL Server Configuration Manager

Question

I am trying to configure SQL Server 2014 so that I can connect to it remotely using SSL. A valid, wildcard cert is installed on the server, and the cert\'s domain name (example.

Answer 1

Once I followed steps in Updated 2 section of accepted answer, I can't start the SQL Server service, got those errors in Event Viewer:

Unable to load user-specified certificate [Cert Hash(sha1) "thumbprint of certificate"]. The server will not accept a connection. You should verify that the certificate is correctly installed. See "Configuring Certificate for Use by SSL" in Books Online.

TDSSNIClient initialization failed with error 0x80092004, status code 0x80. Reason: Unable to initialize SSL support. Cannot find object or property.

TDSSNIClient initialization failed with error 0x80092004, status code 0x1. Reason: Initialization failed with an infrastructure error. Check for previous errors. Cannot find object or property.

got error in SQL Server error log:

The server could not load the certificate it needs to initiate an SSL connection. It returned the following error: 0x8009030d. Check certificates to make sure they are valid.

googled it and found out a solution:

Make sure the windows account running SQL Server service (NT Service\MSSQLServer in my case) has full permissions to the following folders/register entry:

1. C:\Program Files\Microsoft SQL Server[Your Sql Server Instance]\MSSQL\
2. C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys
3. HKLM\System\CurrentControlSet\Services\WinSock2\Parameters

I checked No.1 NT Service\MSSQLSERVER has already had the permission.

I checked No.2, NT Service\MSSQLSERVER has no permission and I added the permission. It popped up an error saying one of files in that folder was denied the operation, but I just ignored it (nothing else I can do)

I didn't check No.3 and tried starting SQL Server, it worked!!