I had an issue trying to get a SQL server to use a certificate to secure a connection with SSL.
The certificate was selected in SQL configuration manager but when the SQL service was restarted, it would fail with an EventID 26104 indicating it couldn't read find the certificate.
After a bit of googling, I found this:
Turns out, if you run your SQL server under a non-privileged account as per best practice, the account can't read the private key of the certificate.
Altering the certificate permissions to allow your SQL server to read the certificate private key allows the SQL server to start.