How to use Custom Certificate for SQL Server Availability Group Endpoint Authentication

Copper Contributor

I am setting up a SQL Server Availability Group using the commands provided in the Microsoft documentation. The process involves creating a certificate, backing it up with the private key, and restoring it on all replicas for endpoint creation and authentication.

However, I want to use my custom self-signed certificate and private key. I have generated my certificate and private key using OpenSSL.
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout root_ca.key -out root_ca.crt -subj "/CN=RootCA/O=MyOrganization"

Creating the certificate:

CREATE CERTIFICATE server_certificate
FROM FILE = '/var/opt/mssql/root_ca.crt'
WITH PRIVATE KEY (FILE = '/var/opt/mssql/root_ca.key');


When I attempt to use my certificate generated by OpenSSL, I encounter the error:
The certificate, asymmetric key, or private key file is not valid or does not exist; or you do not have permissions for it.

What steps should I follow to successfully use my certificate in this scenario?

Any insights or guidance on this matter would be greatly appreciated.


0 Replies