Merge pull request #12173 from MicrosoftDocs/VanMSFT-patch-1

PRMerger8 · web-flow · commit d2bf871dcfa3 · 2019-09-26T08:09:04.000-07:00
Update enable-encrypted-connections-to-the-database-engine.md
diff --git a/docs/database-engine/configure-windows/enable-encrypted-connections-to-the-database-engine.md b/docs/database-engine/configure-windows/enable-encrypted-connections-to-the-database-engine.md
@@ -118,7 +118,10 @@ If using [!INCLUDE[ssSQL11](../../includes/sssql11-md.md)] through [!INCLUDE[ssS
   
 2. Complete the **Certificate Export Wizard**, storing the certificate file in a convenient location.  
   
-## To configure the server to force encrypted connections  
+## To configure the server to force encrypted connections
+
+> [!IMPORTANT]
+> The SQL Server Service Account must have read permissions on the certicate used to force encryption on the SQL Server. For a non-privileged service account, read permissions will need to be added to the certificate. Failure to do so can cause the SQL Server service restart to fail.
   
 1. In **SQL Server Configuration Manager**, expand **SQL Server Network Configuration**, right-click **Protocols for** _\<server instance>_, and then select**Properties**.  
   
