An Error Message on Event Logs
Server Unable to load user-specified certificate. The server will not accept a connection. You should verify that the certificate is correctly installed. See "Configuring Certificate for Use by SSL" in Books Online.
You can check the used SSL certificate from SQL Server Configuration Manager >> SQL Server Network Configuration. Then right click on Protocols for SQLInstanceNAME (SQLEXPRESS in this case) and select Property >> Certificate tab. If you don't see the certificate in the drop-down menu, then it is removed, and you'll have to re-install it.
To fix this error, you'll need to add the removed certificate. In our case, we are using IIS Self-Signed certificate, but you can use paid third party SSL certificate as well.
Generating Self-Signed SSL certificate
- Go to Run >> IIS Manager >> Server Certificates.
- Click on Create Self-Signed Certificate.
- Specify the friendly name of certificate and click OK.
Now follow these steps to assign read permission to this MSSQL user.
- Go to Start >> Run, type MMC and hit enter. Click on File >> Add and Remove Snap-In.
- Select Certificates and click on Add. On Next window, select Computer Account >> Next >> Finish. Click on OK.
- From Console Home, Expand Certificates >> Personal >> Certificates. Right click on your created Certificate >> All Tasks >> Manage Private Key.
- Click on Add, then specify SQL service username which is NT Service\MSSQL$SQLEXPRESS here. Click on OK.
As a final step, restart the MSSQL service from services.msc. MS SQL Server should start now without any problem.