Friday 4 October 2013

Securing vCenter to SQL communication - event id 36870

Hi,

Well, I'm rebuilding my Lab currently using Server 2012. This gives me a chance to use SQL 2012 and vCenter 5.5 (Note to self: 2012 R2 is fine EXCEPT for vCenter! It gets stuck at "Installing Directory Services" and is not supported anyway). One thing I'd read about was configuring SQL communication encryption (as opposed to Database encryption) and I wanted to use that. I held off installing vCenter until I could get the certificate installed and SQL services running but ran into a roadblock every time I applied the Certificate and started the SQL Server Service:

I thought it was my Certificate but I'd generated it with OpenSSL and the AD certificate services just like the other VMware Certs I'd deployed previously. I came back to the issue a week later and found this post which solved my problem:
http://sqlblog.com/blogs/greg_low/archive/2013/05/30/sql-server-service-won-t-start-after-changing-service-account-service-specific-error-2146885628.aspx
Now I'm no SQL guru but a permission problem wasn't what I expected. What I did remember was I tried using Managed Service Accounts to test how these work and that was the account the SQL server service was using and subsequently didn't have sufficient permissions.
Here is SQL configuration manager showing the accounts I'm running the services under:
And here is the Certificate I had previously selected:
So once I had changed the permissions on the folder C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys I could start the SQL server service just fine. I did get an error applying permissions for the msvc_Labsql55 account at the folder level, I had 2 files in the folder, one would not let me edit permissions but the other accepted the update fine. I think one of the files corresponds to my SSL cert but the other is a system key and shouldn't be meddled with! Test in a Lab yourself to make sure!
So now I can create an ODBC connection for the vCenter 5.5 Database and tick the box to encrypt the connection:
And it tests successfully:
Job Done! Now I just have to get building!
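The two steps above (giving the SQL Server service account access to the certificate's private key, then checking that the vCenter connection really is encrypted) can be done in a more targeted way than editing permissions on the whole MachineKeys folder. The PowerShell below is an added example, not code from the original post: it grants Read on only the key file that belongs to the chosen certificate, leaving the other system key files alone, and then asks SQL Server itself whether the current session is encrypted. The thumbprint, domain prefix, trailing `$` on the Managed Service Account name, and the server name are placeholders to be replaced with your own values; the post only gives the account name msvc_Labsql55 and the MachineKeys path.

```powershell
# Added example (not from the original post). Assumptions: a certificate with a
# legacy CSP (CryptoAPI) RSA key, which is what SQL Server of this era expects and
# what lives under ...\Crypto\RSA\MachineKeys; the values below are placeholders.
$Thumbprint     = 'PLACEHOLDER_THUMBPRINT'   # thumbprint of the cert chosen in SQL Configuration Manager
$ServiceAccount = 'LAB\msvc_Labsql55$'       # MSA name from the post; domain prefix and trailing $ assumed
$SqlServer      = 'labsql55.lab.local'       # placeholder; must match the certificate subject/SAN

# 1. Find the certificate and confirm a private key is present on this machine.
$cert = Get-ChildItem -Path Cert:\LocalMachine\My | Where-Object { $_.Thumbprint -eq $Thumbprint }
if (-not $cert)                { throw "Certificate $Thumbprint not found in LocalMachine\My" }
if (-not $cert.HasPrivateKey)  { throw "Certificate $Thumbprint has no private key on this machine" }

# 2. Resolve the key container to its file under MachineKeys. For a CSP key the
#    RSACryptoServiceProvider object exposes the unique container file name.
try   { $csp = $cert.PrivateKey } catch { $csp = $null }
if (-not $csp -or -not $csp.CspKeyContainerInfo) {
    throw "Private key is not a legacy CSP key; SQL Server needs a CSP-backed certificate"
}
$keyDir  = Join-Path $env:ProgramData 'Microsoft\Crypto\RSA\MachineKeys'
$keyFile = Join-Path $keyDir $csp.CspKeyContainerInfo.UniqueKeyContainerName
if (-not (Test-Path $keyFile)) { throw "Key file $keyFile not found" }

# 3. Grant Read on that single file only. The other files in MachineKeys are
#    system keys and are deliberately left untouched.
$acl  = Get-Acl -Path $keyFile
$rule = New-Object System.Security.AccessControl.FileSystemAccessRule($ServiceAccount, 'Read', 'Allow')
$acl.AddAccessRule($rule)
Set-Acl -Path $keyFile -AclObject $acl
Write-Host "Granted Read on $keyFile to $ServiceAccount"

# 4. After restarting the SQL Server service, verify encryption from SQL Server's
#    own view of the session. Encrypt=True with TrustServerCertificate=False makes
#    the client validate the server certificate, the same as an ODBC DSN with
#    'Encrypt' ticked and 'Trust server certificate' left unticked.
$connString = "Server=$SqlServer;Database=master;Integrated Security=True;Encrypt=True;TrustServerCertificate=False"
$conn = New-Object System.Data.SqlClient.SqlConnection($connString)
$conn.Open()
$cmd = $conn.CreateCommand()
$cmd.CommandText = 'SELECT encrypt_option, auth_scheme FROM sys.dm_exec_connections WHERE session_id = @@SPID'
$reader = $cmd.ExecuteReader()
while ($reader.Read()) {
    'encrypt_option={0} auth_scheme={1}' -f $reader['encrypt_option'], $reader['auth_scheme']
}
$conn.Close()
```

Run it in an elevated PowerShell session on the SQL host. If step 4 reports `encrypt_option=FALSE`, the DSN or connection string is not actually requesting encryption; if the `Open()` call fails with a certificate trust error, the client machine does not trust the issuing CA, which is the same failure the ODBC "Test Data Source" button would show for the vCenter DSN.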