TrustServerCertificate=false [Answered]RSS

1 reply

Last post May 21, 2020 02:23 AM by Jalpa Panchal

  • TrustServerCertificate=false

    May 20, 2020 01:56 AM|Roemesh|LINK

    Hi Expert,

    I set  TrustServerCertificate=false; Encrypt=True" in webconfig and using sql server TLS certificate getting error message

    Server Error in '/' Application.


    The target principal name is incorrect

    Connection string

    <add name="SQLConnectionString" providerName="System.Data.SqlClient" connectionString="Server=xxx;Database=xxx;User ID=xxxx;Password=xxx1;MultipleActiveResultSets=True;Use Encryption for Data=True; TrustServerCertificate=false; Encrypt=True" />

  • Re: TrustServerCertificate=false

    May 21, 2020 02:23 AM|Jalpa Panchal|LINK

    Hi,

    When TrustServerCertificate is false and Encrypt is true, the server name (or IP address) in a SQL Server SSL certificate must exactly match the server name (or IP address) specified in the connection string. Otherwise, the connection attempt will fail.

    In other words, the only security check that's being done with the combination of "encrypt=true;trustservercertificate=false" is to see if the certificate hostname matches the hostname of the server you're trying to connect to.

    trustservercertificate=false won't accept self-signed certificates so the certificate must still be signed by a known/trusted CA.

    so to resolve the issue set the TrustServerCertificate=true. 

    Regards,

    Jalpa

    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue.
    If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.