SQL Server 2008 self-signed certificate is 1024bit or 2048bit?

Similar Messages

• Lion server erased self signed certificate

  Help!!! I accidentally deleted the self signed certificate that had the right keys for my third party SSL.  Now I cannot replace the self signed certificate with the new SSL.  Now what????

  I will begin my answer by making an emphasis that the best way to protect your data in-transit is using a 2048 bit certificate signed by a trusted certificate authority (CA) instead of relying on the self-signed certificate created by SQL Server.
   Please remember that the self-signed certificate created by SQL Server usage for data in-transit protection was designed as a mitigation against passive traffic sniffers that could potentially obtain SQL Server credentials being transmitted
  in cleartext, but nothing more. Think of it as a mitigation against a casual adversary.
   The self-signed certificate usage was not intended to replace real data in-transit protection using a certificate signed by a trusted CA and encrypting the whole communication channel. Remember, if it is self-signed, it is trivial to spoof.
  After making this clarification, the self-signed certificate generated by SQL Server uses a 1024 bit key, but that size may be subject to change in future versions of the product. Once again, I would like to strongly discourage relying on the self-signed
  certificate created by SQL Server for data in transit transmission.
  BTW. Azure SQL Database uses a 2048 certificate issued by a valid certificate authority.
  I hope this information helps,
  -Raul Garcia
   SQL Server Security
  This posting is provided "AS IS" with no warranties, and confers no rights.

• Web Server 7 Admin Server and Self-Signed certificate

  Is it possible to create and install a self-signed certificate for the administration server in Sun Web Server 7. The default installation comes with a self-signed certificate but we would like to install our own certificate and not the certificate issued by "admin-ca-cert"
  Message was edited by:
  aar

  As far as I know its not a problem. You can install your own certificate. Make sure that the certificate nick name is changed accordingly in "server-cert-nickname" in server.xml section as shown below :
  <http-listener>
  <name>admin-ssl-port</name>
  <port>2224</port>
  <server-name>alamanac.india.sun.com</server-name>
  <default-virtual-server-name>admin-server</default-virtual-server-name>
  <ssl>
  <server-cert-nickname>Admin-Server-Cert</server-cert-nickname>
  </ssl>
  </http-listener>

• How to import the self-signed certificate in runtime

  HI.
  I work to connect between JSSE client and OpenSSL server with self-signed certificate.
  But I met the SSLSocketException during handshaking.
  Many Solutions registered in this page.
  But their are all using keytool.
  My application connect many site support the self-signed certificate.
  So, I want to import the certificate in run time.
  How Can I do??
  Please, answer me..
  Thanks,

  did you figure this out??? I need to know how to accept a self-signed certificate, otherwise it's this exception...
  D:\javatools\apis\jsse1.0.2\samples\urls>java -cp jcert.jar;jnet.jar;jsse.jar;. URLReader
  Exception in thread "main" javax.net.ssl.SSLException: untrusted server cert chain
  at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a([DashoPro-V1.2-120198])
  at com.sun.net.ssl.internal.ssl.ClientHandshaker.a([DashoPro-V1.2-120198])
  at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage([DashoPro-V1.2-120198])
  at com.sun.net.ssl.internal.ssl.Handshaker.process_record([DashoPro-V1.2-120198])
  at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a([DashoPro-V1.2-120198])
  at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a([DashoPro-V1.2-120198])
  at com.sun.net.ssl.internal.ssl.AppOutputStream.write([DashoPro-V1.2-120198])
  at java.io.OutputStream.write(OutputStream.java:61)
  at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake([DashoPro-V1.2-120198])
  at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.doConnect([DashoPro-V1.2-120198])
  at com.sun.net.ssl.internal.www.protocol.https.NetworkClient.openServer([DashoPro-V1.2-12019
  8])
  at com.sun.net.ssl.internal.www.protocol.https.HttpClient.l([DashoPro-V1.2-120198])
  at com.sun.net.ssl.internal.www.protocol.https.HttpClient.<init>([DashoPro-V1.2-120198])
  at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.<init>([DashoPro-V1.2-120198])
  at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.a([DashoPro-V1.2-120198])
  at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.a([DashoPro-V1.2-120198])
  at com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnection.connect([DashoPro-V1.2-120
  198])
  at com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnection.getInputStream([DashoPro-V
  1.2-120198])
  at java.net.URL.openStream(URL.java:798)
  at URLReader.main(URLReader.java:46)

• Encryption strenght with SQL Server self-signed certificate

  I have SQL Server 2008 R2 Standard (64-bits) on Windows Server 2008 R2 Enterprise (64-bits) and client computers running on Windows 7 Professional (64-bits). If I set "Encrypt=True;TrustServerCertificate=True;" in connection strings, I'm wondering
  what encryption level or strength (40bits, 128bits, or other) are the connections getting?
  Microsoft is not clear about this topic:
  "The level of encryption used by SSL, 40-bit or 128-bit, depends on the version of the Microsoft Windows operating system that is running on the application and database computers."
  I appreciate any comment.

  Please see the discussion thread on this other post:
  http://social.msdn.microsoft.com/Forums/sqlserver/en-US/ee159a8b-0b07-4637-83e7-d0487fc63a9e/which-cipher-current-supported-after-force-encryption?forum=sqlsecurity
  Hopefully this information will help.
  -Raul Garcia
    SQL Server Security
  This posting is provided "AS IS" with no warranties, and confers no rights.

• How to register iOS device when using self signed certificate with apple Server?

  Hi,
  I have installed the server.app by Apple and used a slef signed certificate for my server. Now I want to register my different devices (iMac, iPhone etc.). I could register the iMac without problesm (I just had to add my self signed certificate to the trusted certificates)
  Sadly, with the iPhone it is not that easy. I can install the "trust profile", but still after that I can not register my device. It seems like it does not accept my self signed certificate for device registration. When adding a registration profile, I get the error "www._mydomain_.tld/devicemanagement/api/device/auto_join_ota_service" is not valid.
  Nethertheless, I can install a profile with setting, e.g. my imap settings, via the profile management without problems.
  Does anyone have an idea how to get around the problem with the self signed certificate?
  Best regards

  Try deleting the Server.app and download it again from the App Store, restart.
  My Server is also using self signed certificates and is working with iOS device (Trust Profile needed first).

• How to secure connection in sql server 2008? my main problem is which certificate should i add in mmc

  i'm recently working on hardening of sql server 2008. now i face with a problem. my problem is  how to secure connection in sql server 2008?  my main problem is which certificate should i add in mmc? what are these certificates about?and guide
  me in choosing the appropriate certificate.
  and how should i know that the connection in sql server is secured?
  plz guide me from the beginning cause i'm rookie in this subject.
  thanks in advance.

  Hi sqlfan,
  Question 1: my problem is how to secure connection in sql server 2008?
  Microsoft SQL Server can use Secure Sockets Layer (SSL) to encrypt data that is transmitted across a network between an instance of SQL Server and a client application. For more information about Encrypting Connections to SQL Server, please refer to the following
  article:
  http://technet.microsoft.com/en-us/library/ms189067(v=sql.105).aspx
  Question 2: my main problem is which certificate should i add in mmc? what are these certificates about?and guide me in choosing the appropriate certificate.
  To install a certificate in the Windows certificate store of the server computer, you will need to purchase/provision a certificate from a certificate authority first. So please go to a certificate authority to choose the appropriate certificate.
  For SQL Server to load a SSL certificate, the certificate must meet the following conditions:
  The certificate must be in either the local computer certificate store or the current user certificate store.
  The current system time must be after the Valid from property of the certificate and before the Valid to property of the certificate.
  The certificate must be meant for server authentication. This requires the Enhanced Key Usage property of the certificate to specify Server Authentication (1.3.6.1.5.5.7.3.1).
  The certificate must be created by using the KeySpec option of AT_KEYEXCHANGE. Usually, the certificate's key usage property (KEY_USAGE) will also include key encipherment (CERT_KEY_ENCIPHERMENT_KEY_USAGE).
  The Subject property of the certificate must indicate that the common name (CN) is the same as the host name or fully qualified domain name (FQDN) of the server computer. If SQL Server is running on a failover cluster, the common name must match the host
  name or FQDN of the virtual server and the certificates must be provisioned on all nodes in the failover cluster.
  Question 3: how should i know that the connection in sql server is secured?
  If the certificate is configured to be used, and the value of the ForceEncryption option is set to Yes, all data transmitted across a network between SQL Server and the client application will be encrypted using the certificate. For more detail about this,
  please refer to Configuring SSL for SQL Server in the following article:
  http://technet.microsoft.com/en-us/library/ms189067(v=sql.105).aspx
  If you have any question, please feel free to let me know.
  Regards,
  Donghui Li

• Can you use a self signed certificate on an external Edge Server interface?

  Hi,
  I have a small lab deployment for evaluation purposes. The Lync FE server works great for internal users. I have now added an Edge server. For the internal interface, I have a self signed certificate from our internal CA. (no problem there) For the external
  interface, I have a self signed certificate from our own external CA. I have installed the cert on the client machine of the external user and installed it for trusted operation. I have used the RUCT and digicert tools to prove that the external self signed
  cert is valid (root and intermediate have been checked for validity).
  At first, when logging in from the Lync 2013 client on the external users machine, I would get an error from Lync about the cert being untrusted. I have now fixed that error by adding it as trusted. At this point, there are no errors or warnings in the Event
  Viewer (in the application or system logs) However, I receive the following error from the Lync client, "Were having trouble connecting to the server... blah, blah".
  Here is my question. Does the Microsoft Lync 2013 client and/or the "testconnectivity.microsoft.com" tool specifically prevent or forbid the use of self signed certificates on the external interface of an Edge server? They seem too.
  I can tell if the certificate is my problem or something else. Any ideas on how to trouble shoot this?
  Thx

  Drago,
  Thanks for all your help. I got it working.
  My problem with the Lync client error, "Were having trouble connecting to the server... blah, blah", was NOT a certificate error. It was a problem with my Lync Server Topology. (My sip default domain needed to match my user login domain.)
  Let me update everyone about self-signed certificates:
  YES, you can self-sign a certificate on your external edge server. It is a pain, but possible.
  I have a self signed certificate from our own external CA. I have installed the cert on the client machine of the external user for trusted operation. I have used the RUCT and digicert tools to prove that the external self signed cert is valid (root and
  intermediate have been checked for validity).
  Here are my notes:
  Create/enable your own external Certificate Authority (CA) running on a server with internet access. 
  On the Lync Edge Server, run the "Lync Server 2013 - Development Wizard".
  Click "Install or Update Lync Server System". (Lync will automatically determine its deployment state)
  You should have already completed: Step1 and Step 2.
  Run or Run Again "Step 3: Request, Install or Assign Certificates".
  Install the "Edge internal" certificate.
  Click "Request" button to run the "Certificate Request" wizard.
  You use can "Send the request immediately to an online certificate authority" option to connect to your internal CA, and create the certificate.
  Once the certificate has been created, use "Import Certificate" to import it.
  Once imported, on the Edge Server, go to: (Control Panel -> Administrative Tools -> Internet Information Services (ISS) Manager -> Server Certificates -> Complete Certificate Request...
  In the Lync deployment wizard - Certificate Wizard, "Assign the newly imported "edge internal" certificate.
  Install the "Edge External" certificate (public Internet).
  Click the "Request" button to run the "Certificate Request" wizard.
  Press "next"
  Select "Prepare the request now, but send it later (offline certificate request).
  Supply the "Certificate Request File" name and location. (You will need the file later. It should have the file extension ".req").
  Click next on the "Specify Alternate Certificate Template". (which means you are using the default options)
  Give it a Friendly Name. Bit Length = 2048. I selected "Mark the certificate's private key as exportable" option.
  Fill in the organization info.
  Fill in the Geographical Information.
  The wizard should automatically fill-in the "Subject name:" and "subject alternative name:' fields.
  Select your "Configured SIP domains"
  "Configure Additional Subject Alternative Names" if you want. Otherwise, next.
  Verify the "certificate Request Summary". Click next.
  Run the wizard script to "Complete". The wizard will create a file containing the certificate request with the file extension ".req". (Let's assume the file name is "myCert.req")
   Move your myCert.req file to your external CA. Have your CA issue the cert (based on myCert.req) and export the new cert to a file. I save it as a P7B certificate. (Let's call it "ExternalCert.p7b")
  In the Lync Deployment wizard - Certificate Wizard, click on "Import Certificate" for ExternalCert.p7b.
  Once imported, on the Edge Server, go to: (Control Panel -> Administrative Tools -> Internet Information Services (ISS) Manager -> Server Certificates -> Complete Certificate Request... (assign it a friendly name. Let's say "EXTERNAL-EDGE")
  For the "External Edge certificate (public Internet), click "Assign".
  The "Certificate Assignment" wizard will run.
  Click next.
  From the list, select your cert "EXTERNAL-EDGE".
  Finish the wizard to "complete".
  You are finished on the server.
  Move the "ExternalCert.p7b" file to the machine running the lync client. Install the cert via the "Certificate Import Wizard".
  When installing it to a particular Certificate Store, select the "Place all certificates in the following store" option.
  Browse
  Select "Trusted Root Certification Authorities"
  Finish the wizard.

• In Firefox 4.0 with a Server with a self signed certificate using IPv6 I can not add a "Security Exception" for this certificate.

  In Firefox 4.0 I have a server ... it contains a self signed certificate. Using IPv6 I can not add a "Security Exception" for this certificate.
  1. I log onto the server (using IPv6). I get the "Untrusted connection page" saying "This connection is Untrusted"
  2. I click on "Add Exception.." under the "I understand the Risks" section.
  3. The "Add Security Exception" dialog comes up. soon after the dialog comes up I get an additional "Alert" dialog saying
  An exception occured during connection to xxxxxxxxx.
  Peer's certificate issuer has been marked as not trusted by the User.
  (Error code sec_error_untrusted_issuer).
  Please note that this works in Firefox 3.6.16 (in IPv4 and IPv6). It also works in Firefox 4.0 in IPv4 only IPv6 has an issue. What's wrong?

  Exactly the same problem, except I'm using FF v6 for Windows, not FF v4 as for the lead post. This is for a self-cert which IS trusted, although the error message says it isn't.

• Why, when I successfully connect to Server 2012 Essentials R2 via Anywhere Access does the Remote Desktop Connection use the self signed certificate for RDP instead of the SSL certificate I installed when I set up access anywhere?

  Scenario:
  Windows Server 2012 R2 Essentials
  I purchased an SSL Cert from GoDaddy and I managed (after some challenges) to set up Anywhere access to use that new SSL Cert. I to rebooted the server and I am able to login to Anywhere Access vis https (using the SSL certificate) from PC, Mac and iOS.
  So far so good.
  The problem I am having is that when I click to launch a remote desktop connection to the server RDP connection wants to use the self signed SSL certificate of the server rather than the SSL Certificate I installed into Anywhere Access. As a result, I get
  a security warning like this: "The identity of the remote computer cannot be verified. Do you want to connect anyway?"
  The name in the certificate appears as ACME-SERVER.ACMEDOMAIN.local  instead of the SSL Certificate I installed, which is
  remote.acmedomain.com
  If I lick to accept, RDP does work fine, it;s just using a self signed certificate. I want it to use the trusted certificate that I purchased and installed.
  My guess is that there must be an additional step to tell Anywhere Access that when it generates the RDP session that it should use the cert? OR, is this just how it works?

  Because....
  the server does not have a 'trusted' certificate assigned to it.
  Only the RDP Gateway has the trusted certificate for the external name.
  If you want to remove that error, you have to do one of the following:
  Make sure your domain uses a public top level domaim, and get a public trusted certificate for your server.
  So, something like,
  server.domain.publicdomain.com
  Or,
  Install that certificate on your remote computer so it is trusted.
  Robert Pearman SBS MVP
  itauthority.co.uk |
  Title(Required)
  Facebook |
  Twitter |
  Linked in |
  Google+

• How to erase all self signed certificates and force Server to use Signed SSL

  I have been using a poorly managed combination of self-signed SSL certificates and a free one. I have purchased a good SSL from Digicert and am trying to configure the server to use it across the board. All of the services seem to be using it, but when I try to manage the server remotely, I seeing a self-signed certificate instead.
  I look under the system keychain in K-Access and there are several self signed certificates there (including the one that I am seeing when I try to remote manage).
  Can I replace those self-signed certs with the new one some how?

  Don't delete those.  However, you are on the right track.  Follow these steps to resolve.
  1:  Launch Keychain Access
  2:  Select the System Keychain
  3:  Find the com.apple.servermgrd IDENTITY PREFERENCE (looks like a contact card) and double click to open it
  4:  In the Preferred Certificate popup, change com.apple.servermgrd to your purchased certificate
  5:  Press Save Changes to save.
  6:  Reboot the server or kill the servermgrd process to restart the service.
  That should resolve your issue.
  R-
  Apple Consultants Network
  Apple Professional Services
  Author "Mavericks Server – Foundation Services" :: Exclusively available on the iBooks store

• How to issue a self-signed certificate to match Remote Desktop Gateway server address requested

  I have an RDG server named gw.domain.local with port 3389/tcp forwarded from
  gw.example.com.
  Using RDGM snap-in I created a self-signed SSL certigicate with FQDN gw.example.com.
  But when I connect over RDP from outside the local network I'm getting an error:
  Your computer can't connect to the computer because the Remote Desktop Gateway server address requested and the certificate name do not match
  Because certificate subject name is gw.domain.local indeed.
  So there question is: how to issue a certificate properly, or how to assign an existing one the name to match?

  Hi,
  Thanks for your post in Windows Server Forum.
  The certificate error which you are facing seems like certificate mismatch error, something like the security certificate name presented by the TS Gateway server does not match the TS Gateway name. You can try reconnecting using the FQDN name of the TS Gateway
  server. You can refer below article for more troubleshooting.
  TS Gateway Certificates Part III: Connection Time Issues related to TS Gateway Certificates
  And for creating a SSL certificate for RD gateway, you can refer beneath articles.
  1.  Create a Self-Signed Certificate for the Remote Desktop Gateway Server
  2.  Obtain a Certificate for the Remote Desktop Gateway Server
  Hope it helps!
  Thanks,
  Dharmesh

• Generating Self Signed Certificate for iPlanet Directory Server for testing

  Hi Experts,
  I am unable to find how to generate self signed certificate for iPlanet Directory Server for testing purpose. Actually what i mean is i want to connect to the iPlanet LDAP Server with LDAPS:// rather than LDAP:// for Secured LDAP Authentication. For this purpose How to create a Dummy Certificate to enable iPlanet Directory Server SSL. I searched in google but no help. Please provide me the solution how to test it.
  Thanks in Advance,
  Kalyan

  Here's one I did earlier.
  Refers to Solaris 10
  SSL Security
  add a new certificate that lasts for ten years (120 months).
  stop the instance:
  dsadm stop <instance>
  Remove DS from smf control:
  dsadm disable-service <instance>
  Change Certificate Database Password:
  dsadm set-flags <instance> cert-pwd-prompt=on
       Choose the new certificate database password:
       Confirm the new certificate database password:
  Certificate database password successfully updated.
  Restart the instance from the dscc:
  DSCC -> start <instance>
  Now add a new Certificate which lasts for ten years (120 months; -v 120):
  `cd <instance_path>`
  `certutil -S -d . -P slapd- -s "CN=<FQDN_server_name>" �n testcert �v 120 -t T,, -x`
       Enter Password or Pin for "NSS Certificate DB":
  Stop the Instance.
  On the DSCC Security -> Certificates tab:
       select option to "Do not Prompt for Password"
  Restart the instance.
  On the Security -> General tab, select the new certificate to use for ssl encryption
  Restart the instance
  Stop the instance
  Put DS back into smf control:
  dsadm enable-service <instance>
  Check the smf:
  svcs -a | grep ds
  # svcs -a|grep ds
  disabled Aug_16 svc:/application/sun/ds:default
  online Aug_16 svc:/application/sun/ds:ds--var-opt-SUNWdsee-dscc6-dcc-ads
  online 17:04:28 svc:/application/sun/ds:ds--var-opt-SUNWdsee-dsins1

• Failed to create machine self-signed certificate for site role [SMS_SQL_SERVER]

  SCCM 2012 has been successfully installed on the server:
  SRVSCCM.
  The database is on SQL Server 2008 R2 SP1 CU6 Failover Cluster (CLS-SQL4\MSSQLSERVER04)
  Cluster nodes: SQL01 and SQL01. On all nodes made necessary the Security Setup of SCCM. No errors and warning on SCCM Monitoring.
  The cluster service is running on the account: sqlclusteruser
  The account has the appropriate SPN are registered:
  setspn -L domain\sqlclusteruser
  Registered ServicePrincipalNames for CN=SQL Cluster,OU=SQL,OU=Users special,OU=MAIN,DC=domain,DC=local:
  MSSQLSvc/CLS-SQL4
  MSSQLSvc/CLS-SQL4.domain.local
  MSSQLSvc/CLS-SQL4:11434
  MSSQLSvc/CLS-SQL4.domain.local:11434
  After some time on the cluster hosts every day started appearing new folders with files inside:
  srvboot.exe
  srvboot.ini
  srvboot.log
  srvboot.log contains the following information:
  SMS_SERVER_BOOTSTRAP_SRVSCCM.domain.local_SMS_SQL_SERVER started.
  Microsoft System Center 2012 Configuration Manager v5.00 (Build 7711)
  Copyright (C) 2011 Microsoft Corp.
  Command line: "SMS_SERVER_BOOTSTRAP_SRVSCCM.domain.local_SMS_SQL_SERVER CAS K:\SMS_SRVSCCM.domain.local_SMS_SQL_SERVER8 /importcertificate SOFTWARE\MicrosoftCertBootStrap\ SMS_SQL_SERVER".
  Set current directory to K:\SMS_SRVSCCM.domain.local_SMS_SQL_SERVER8.
  Site server: SRVSCCM.domain.local_SMS_SQL_SERVER.
  Importing machine self-signed certificate for site role [SMS_SQL_SERVER] on Server [SQL01]...
  Failed to retrieve SQL Server service account.
  Bootstrap operation failed: Failed to create machine self-signed certificate for site role [SMS_SQL_SERVER].
  Disconnecting from Site Server.
  SMS_SERVER_BOOTSTRAP_SRVSCCM.domain.local_SMS_SQL_SERVER stopped.

  The site server is trying to install the sms_backup agent on the SQL Server Cluster nodes.
  Without successfull bootstrap the siteserver backup is not able to run successfully.
  Try grant everyone the read permisson on
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SMS on the SQL server nodes.
  This worked for me.
  After that a Folder named "SMS_<SITESERVER-FQDN>" appeared on C: on the SQL Cluster nodes, and a "SMS_SITE_SQL_BACKUP_FQDN" Service should be installed.
  After the new Folder is created and the new Service is installed, you can safely remove the bootstrap Service by opening a command prompt and enter:
  sc delete "SMS_SERVER_BOOTSTRAP_FQDN-of-SiteServer_SMS_SQL_SERVER"

• Service-specific error code -2146885628- MS SQL Server 2008 r2 Express

  I have had no end of problems starting my MS SQL Server 2008 r2 Express.
  My database program (Sage ACT! Pro 2011) starts fine. However when it attempts to start my default database, I get the following error message:
  When I start my database within my application software (ACT Pro 2011) , I get the following error:
  I am not abler to open any database with in ACT 2011. This error tells me that I must manually start SQL Server. I am running Windows 7 Pro, SP1. So I go to Services, and right click on SQL Server (ACT7) and click start and get the following error:
  I have contacted Swiftpage and spent 2 hours on the phone with their technical support. They manually (via remote desktop connection) deleted ACT Pro 2011 and manually deleted SQL Server 2008 r2 Express (in registry and all files and folders).
  I decided to upgrade, so ACT Pro v16 was installed. SQL Server still would not start automatically or manually. The ACT technical support person, after two very long hours said: that it is not an ACT problem, that I would need to turn to Microsoft for
  a resolution as to why SQL Server will not start, and how to remedy this issue.
  I hope someone can offer help or point me in the direction to get this very bad problem resolved. I cannot work without my CRM! can someone help?
  Thanks!

  This is the sum total of an error log in: C:\Program Files\Microsoft SQL Server\MSSQL10_50.act7\MSSQL\Log. There are no error logs for June 23 to July 14. This is the closest
  date to the first time I experienced this SQL Server problem.
  2014-07-15 09:32:43.31 Server      Microsoft SQL Server 2008 R2 (SP2) - 10.50.4000.0 (X64) 
  Jun 28 2012 08:36:30 
  Copyright (c) Microsoft Corporation
  Express Edition (64-bit) on Windows NT 6.1 <X64> (Build 7601: Service Pack 1)
  2014-07-15 09:32:44.12 Server      (c) Microsoft Corporation.
  2014-07-15 09:32:44.12 Server      All rights reserved.
  2014-07-15 09:32:44.12 Server      Server process ID is 2276.
  2014-07-15 09:32:44.15 Server      System Manufacturer: 'TOSHIBA', System Model: 'Satellite L775D'.
  2014-07-15 09:32:44.27 Server      Authentication mode is MIXED.
  2014-07-15 09:32:44.27 Server      Logging SQL Server messages in file 'c:\Program Files\Microsoft SQL Server\MSSQL10_50.ACT7\MSSQL\Log\ERRORLOG'.
  2014-07-15 09:32:44.63 Server      This instance of SQL Server last reported using a process ID of 6980 at 7/15/2014 9:13:22 AM (local) 7/15/2014 1:13:22 PM (UTC). This is an informational message only; no user action is required.
  2014-07-15 09:32:44.63 Server      Registry startup parameters: 
  -d c:\Program Files\Microsoft SQL Server\MSSQL10_50.ACT7\MSSQL\DATA\master.mdf
  -e c:\Program Files\Microsoft SQL Server\MSSQL10_50.ACT7\MSSQL\Log\ERRORLOG
  -l c:\Program Files\Microsoft SQL Server\MSSQL10_50.ACT7\MSSQL\DATA\mastlog.ldf
  2014-07-15 09:32:46.39 Server      SQL Server is starting at normal priority base (=7). This is an informational message only. No user action is required.
  2014-07-15 09:32:46.40 Server      Detected 4 CPUs. This is an informational message; no user action is required.
  2014-07-15 09:33:00.47 Server      Using dynamic lock allocation.  Initial allocation of 2500 Lock blocks and 5000 Lock Owner blocks per node.  This is an informational message only.  No user action is required.
  2014-07-15 09:33:33.57 Server      Node configuration: node 0: CPU mask: 0x000000000000000f:0 Active CPU mask: 0x000000000000000f:0. This message provides a description of the NUMA configuration for this computer. This is an informational message
  only. No user action is required.
  2014-07-15 09:33:37.59 spid7s      Starting up database 'master'.
  2014-07-15 09:33:40.89 spid7s      FILESTREAM: effective level = 0, configured level = 0, file system access share name = 'ACT7'.
  2014-07-15 09:33:42.39 spid7s      SQL Trace ID 1 was started by login "sa".
  2014-07-15 09:33:42.56 spid7s      Starting up database 'mssqlsystemresource'.
  2014-07-15 09:33:42.86 spid7s      The resource database build version is 10.50.4000. This is an informational message only. No user action is required.
  2014-07-15 09:33:46.59 spid10s     Starting up database 'model'.
  2014-07-15 09:33:46.58 spid7s      Server name is 'Harold_Schultz\ACT7'. This is an informational message only. No user action is required.
  2014-07-15 09:33:46.59 spid10s     Error: 17204, Severity: 16, State: 1.
  2014-07-15 09:33:46.59 spid10s     FCB::Open failed: Could not open file e:\sql10_main_t.obj.x86fre\sql\mkmastr\databases\objfre\i386\model.mdf for file number 1.  OS error: 3(The system cannot find the path specified.).
  2014-07-15 09:33:46.85 spid7s      Informational: No full-text supported languages found.
  2014-07-15 09:33:46.85 spid10s     Error: 5120, Severity: 16, State: 101.
  2014-07-15 09:33:46.85 spid10s     Unable to open the physical file "e:\sql10_main_t.obj.x86fre\sql\mkmastr\databases\objfre\i386\model.mdf". Operating system error 3: "3(The system cannot find the path specified.)".
  2014-07-15 09:33:46.85 spid7s      Starting up database 'msdb'.
  2014-07-15 09:33:46.85 spid7s      Error: 17204, Severity: 16, State: 1.
  2014-07-15 09:33:46.85 spid7s      FCB::Open failed: Could not open file e:\sql10_main_t.obj.x86fre\sql\mkmastr\databases\objfre\i386\MSDBData.mdf for file number 1.  OS error: 3(The system cannot find the path specified.).
  2014-07-15 09:33:46.85 spid7s      Error: 5120, Severity: 16, State: 101.
  2014-07-15 09:33:46.85 spid7s      Unable to open the physical file "e:\sql10_main_t.obj.x86fre\sql\mkmastr\databases\objfre\i386\MSDBData.mdf". Operating system error 3: "3(The system cannot find the path specified.)".
  2014-07-15 09:33:47.04 Server      Warning: Support for the VIA protocol is deprecated and will be removed in a future version of Microsoft SQL Server. If possible, use a different network protocol and disable VIA.
  2014-07-15 09:33:47.33 Server      Virtual Interface Architecture protocol is not supported for this particular edition of SQL Server.
  2014-07-15 09:33:48.03 spid7s      Error: 17207, Severity: 16, State: 1.
  2014-07-15 09:33:48.03 spid7s      FileMgr::StartLogFiles: Operating system error 2(The system cannot find the file specified.) occurred while creating or opening file 'e:\sql10_main_t.obj.x86fre\sql\mkmastr\databases\objfre\i386\MSDBLog.ldf'.
  Diagnose and correct the operating system error, and retry the operation.
  2014-07-15 09:33:48.04 spid10s     Error: 17207, Severity: 16, State: 1.
  2014-07-15 09:33:48.04 spid10s     FileMgr::StartLogFiles: Operating system error 2(The system cannot find the file specified.) occurred while creating or opening file 'e:\sql10_main_t.obj.x86fre\sql\mkmastr\databases\objfre\i386\modellog.ldf'. Diagnose
  and correct the operating system error, and retry the operation.
  2014-07-15 09:33:48.08 spid7s      File activation failure. The physical file name "e:\sql10_main_t.obj.x86fre\sql\mkmastr\databases\objfre\i386\MSDBLog.ldf" may be incorrect.
  2014-07-15 09:33:48.08 spid10s     File activation failure. The physical file name "e:\sql10_main_t.obj.x86fre\sql\mkmastr\databases\objfre\i386\modellog.ldf" may be incorrect.
  2014-07-15 09:33:48.15 spid10s     Error: 945, Severity: 14, State: 2.
  2014-07-15 09:33:48.15 spid10s     Database 'model' cannot be opened due to inaccessible files or insufficient memory or disk space.  See the SQL Server errorlog for details.
  2014-07-15 09:33:48.38 spid10s     Could not create tempdb. You may not have enough disk space available. Free additional disk space by deleting other files on the tempdb drive and then restart SQL Server. Check for additional errors in the event
  log that may indicate why the tempdb files could not be initialized.
  2014-07-15 09:33:48.39 spid10s     SQL Trace was stopped due to server shutdown. Trace ID = '1'. This is an informational message only; no user action is required.
  2014-07-15 09:33:48.38 Server      Error: 17190, Severity: 16, State: 1.
  2014-07-15 09:33:48.38 Server      Initializing the FallBack certificate failed with error code: 1, state: 1, error number: -2146893802.
  2014-07-15 09:33:48.42 Server      Unable to initialize SSL encryption because a valid certificate could not be found, and it is not possible to create a self-signed certificate.
  2014-07-15 09:33:48.44 Server      Error: 17182, Severity: 16, State: 1.
  2014-07-15 09:33:48.44 Server      TDSSNIClient initialization failed with error 0x80092004, status code 0x80. Reason: Unable to initialize SSL support. Cannot find object or property.
  2014-07-15 09:33:48.44 Server      Error: 17182, Severity: 16, State: 1.
  2014-07-15 09:33:48.44 Server      TDSSNIClient initialization failed with error 0x80092004, status code 0x1. Reason: Initialization failed with an infrastructure error. Check for previous errors. Cannot find object or property.
  2014-07-15 09:33:48.44 Server      Error: 17826, Severity: 18, State: 3.
  2014-07-15 09:33:48.44 Server      Could not start the network library because of an internal error in the network library. To determine the cause, review the errors immediately preceding this one in the error log.
  2014-07-15 09:33:48.44 Server      Error: 17120, Severity: 16, State: 1.
  2014-07-15 09:33:48.44 Server      SQL Server could not spawn FRunCM thread. Check the SQL Server error log and the Windows event logs for information about possible related problems.