When using SQL Server Management Studio 20+ you might encounter this error. Also when using .net applications which do not the option in the connection string, you might encounter it when migrating from System.Data.Sql to Microsoft.Data.Sql where Encrypt is now set to true by default.
You likely don’t have a Certificate Authority(CA)-signed certificate installed in your SQL VM’s trusted root store.
If you have Encrypt=True
in the connection string, either set that to off (not recommended), or add the following in the connection string TrustServerCertificate=True
SQL Server will create a self-signed certificate if you don’t install one for it to use, but it won’t be trusted by the caller since it’s not CA-signed, unless you tell the connection string to trust any server cert by default.
And after Jan 2022 the encrypt value of the connection string has been set to true where it previously was not. (Microsoft.Data.SqlClient). So then you have to switch to ‘Encrypt=false’ or ‘TrustServerCertificate=True’.
How to install a certificate in SQL Server: https://learn.microsoft.com/en-us/sql/database-engine/configure-windows/manage-certificates?view=sql-server-ver16
Trusted_Connection=True
TrustServerCertificate=True
Encrypt=False (other option)