Menu
In SQL Server Configuration Manager, expand SQL Server Network Configuration, right-click Protocols for <server instance>, and then select Properties. On the Certificate tab, select the desired certificate from the Certificate drop-down menu, and then click OK.
The chain of trust of a certificate chain is an ordered list of certificates, containing an end-user subscriber certificate and intermediate certificates (that represents the intermediate CA), that enables the receiver to verify that the sender and all intermediate certificates are trustworthy.
Certificate chains are a PKI feature that allows root certificate authorities to delegate the work of certificate signing. Roughly one half of all sites have certificates that are signed by a trusted CA. Such sites need only provide the server's certificate in the handshake.
You likely don't have a CA signed certificate installed in your SQL VM's trusted root store.
If you have Encrypt=True in the connection string, either set that to off (not recommended), or add the following in the connection string:
TrustServerCertificate=True
SQL Server will create a self-signed certificate if you don't install one for it to use, but it won't be trusted by the caller since it's not CA-signed, unless you tell the connection string to trust any server cert by default.
Long term, I'd recommend leveraging Let's Encrypt to get a CA signed certificate from a known trusted CA for free, and install it on the VM. Don't forget to set it up to automatically refresh. You can read more on this topic in SQL Server books online under the topic of "Encryption Hierarchy", and "Using Encryption Without Validation".
If you're using SQL Management Studio, please goto connection properties and click on "Trust server certificated"
If you're seeing this error message when attempting to connect using SSMS, add TrustServerCertificate=True to the Additional Connection Parameters.
If You are trying to access it through Data Connections in Visual Studio 2015, and getting the above Error, Then Go to Advanced and set
TrustServerCertificate=True
for error to go away.
I got this Issue while importing Excel data into SQLDatabase through SSMS. The solution is to set TrustServerCertificate = True in the security section
Got hit by the same issue while accessing SQLServer from IIS. Adding TrustServerCertificate=True didnot help.
Could see a comment in MS docs: Make sure the SQLServer service account has access to the TLS Certificate you are using. (NT Service\MSSQLSERVER)
Open personal store and right click on the certificate -> manage private keys -> Add the SQL service account and give full control.
Restart the SQL service. It worked.
While the general answer was in itself correct, I found it did not go far enough for my SQL Server Import and Export Wizard orientated issue. Assuming you have a valid (and automatic) Windows Security based login:
ConnectionString
Data Source=localhost;
Initial Catalog=<YOUR DATABASE HERE>;
Integrated Security=True;
Encrypt=True;
TrustServerCertificate=True;
User Instance=False
That can either be your complete ConnectionString (all on one line), or you can apply those values individually to their fields.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With