Certificate Subject Name - Common Name vs Fully Distinguished Name
In our old PKI (Windows Server 2000), when an AD computer requested a cert, the result was a certificate that had the FQDN in the Subject Common Name field as well as the FQDN in the Subject Alternative Name field. With our new PKI, the resulting certificate has the "hostname" in the Subject Common Name field and the FQDN in the Subject Alternative Name field.

The template is set to use the Fully Distinguished Name from Active Directory for the Subject Common Name; however, it still just appears to be the hostname that is showing up.

Is this going to be a problem?

We are pursuing this because SQL Server 2005 won't let us add a new cert from our new PKI. We are encrypting network communications on the SQL server and require the cert for SSL tunneling. SQL Server 2005 has a specific set of requirements the cert must follow, and in our opinion our computer cert complies with those requirements; however, the cert never shows up in the list to be used for SSL communications. Our only thought at this point is that it is because the cert Subject Common Name does not match the FQDN of the server.

Any thoughts or advice would be much appreciated. We are using Windows Server Enterprise 2008 with Service Pack 2 for our issuing CA. We have 2003 templates.
March 4th, 2010 11:47am

My guess is that the certificate is not in the appropriate store for the SQL server to utilize. http://support.microsoft.com/kb/316898
April 16th, 2012 11:21pm

Most probably the name is not the issue. Go to the certificate console, right-click the certificate and select Manage Private Keys. Add Full Control permission for the user account under which the SQL Server instance is running, such as its domain user or Network Service or whatever you have SQL Server configured to run under. ondrej.
April 17th, 2012 2:37am

This topic is archived. No further replies will be accepted.
