This morning it transpired that SQL Server 2012 service running on Win2012 had shut itself down. When I logged in as the server admin and tried to access SSMS, after entering my credentials I got the 'transport' error. On checking Windows Services, both SQL Server and Agent were stopped. I tried to start them, but got a timeout error.
The SQL event log contains this entry:
The server could not load the certificate it needs to initiate an SSLconnection. It returned the following error: 0x8009030d. Checkcertificates to make sure they are valid.
The Windows event logs contain these entries:
Log Name: Application
Source: MSSQLSERVER
Date: 14/03/2013 09:01:40
Description: Unable to load user-specifiedcertificate [Cert Hash(sha1)"A1CF6EE1C352B7A185950EB400013269759C24BD"]. The server will notaccept a connection. You should verify that the certificate iscorrectly installed. See "Configuring Certificate for Use by SSL" inBooks Online.
Description: TDSSNIClient initialization failedwith error 0x80092004, status code 0x80. Reason: Unable to initializeSSL support. Cannot find object or property.
Description: TDSSNIClient initialization failedwith error 0x80092004, status code 0x1. Reason: Initialization failedwith an infrastructure error. Check for previous errors. Cannot findobject or property.
Description: Could not start the network librarybecause of an internal error in the network library. To determine thecause, review the errors immediately preceding this one in the errorlog.
Description: SQL Server could not spawnFRunCommunicationsManager thread. Check the SQL Server error log andthe Windows event logs for information about possible relatedproblems.
The following procedure fixed the problem:
- Start > SQL Server Configuration Manager
- SQL Server Network Configuration > Protocols for MSSQLSERVER (Properties)
- Uncheck General > Force Encryption
- Start > Services > Start MSSQLSERVER service
Update:
The above only fixed the problem until the next reboot, whereby it happened again. Apparently the SSL certificate needs permissions to be read by SQL2012, but I daren't keep rebooting until this gets fixed, so am accessing via RDC now instead of SSMS over SSL.