SQL Server Management Studio: The certificate chain was issued by an authority that is not trusted.

SQL Server
  • Sandro Pereira
  • Oct 28, 2024
  • 2 min read
Tags: Encryption, Errors and Warnings Causes and Solutions, SQL, SQL Server, SSMS

Some time ago, I wrote a similar blog post describing this exact same error message while using the WCF-SQL Adapter of the BizTalk Server. Today, I encountered the same issue, but this time trying to connect to an existing SQL database using the SQL Server Management Studio (or SSMS):

TITLE: Connect to Server

Cannot connect to SQLSERVERNAME\INSTANCE.

ADDITIONAL INFORMATION:

A connection was successfully established with the server, but then an error occurred during the login process. (provider: SSL Provider, error: 0 – The certificate chain was issued by an authority that is not trusted.) (Microsoft SQL Server, Error: -2146893019)

For help, click: https://docs.microsoft.com/sql/relational-databases/errors-events/mssqlserver–2146893019-database-engine-error

The certificate chain was issued by an authority that is not trusted

The certificate chain was issued

📝 One-Minute Brief

When connecting to SQL Server using SQL Server Management Studio (SSMS), you may encounter the error “The certificate chain was issued by an authority that is not trusted”. This post explains why this error occurs during encrypted connections, what changed in modern SQL and SSMS behavior, and how to quickly resolve the issue using the available connection security options without breaking connectivity.

Cause

This error occurs when you try to make an encrypted connection to SQL Server using a non-verifiable certificate.

Solution

The solution to solve this problem is quite simple, or at least a workaround for this problem:

  • Open the SQL Server Management Studio (SSMS).
  • On the Connect to Server window, you may have two options to choose from.
  • Option 1: On the Login tab under Connection Security:
    • On the Encryption property, select Optional.
    • Make sure you unselect the Trust server certificate.
    • Click Connect.
Trust server certificate
  • Option 2: On the Login tab under Connection Security:
    • On the Encryption property, select Mandatory.
    • Make sure you select the Trust server certificate.
    • Click Connect.
Trust server certificate

In my case, either of those two options worked for me.

I hope you find this helpful! If you liked the content or found it useful and want to help me write more, you can buy (or help me buy) my son a Star Wars Lego! 

Buy me a coffee
Author: Sandro Pereira

Sandro Pereira lives in Portugal and works as a consultant at DevScope. In the past years, he has been working on implementing Integration scenarios both on-premises and cloud for various clients, each with different scenarios from a technical point of view, size, and criticality, using Microsoft Azure, Microsoft BizTalk Server and different technologies like AS2, EDI, RosettaNet, SAP, TIBCO etc. He is a regular blogger, international speaker, and technical reviewer of several BizTalk books all focused on Integration. He is also the author of the book “BizTalk Mapping Patterns & Best Practices”. He has been awarded MVP since 2011 for his contributions to the integration community.

Leave a Reply

Your email address will not be published. Required fields are marked *

The Ultimate Cloud
Management Platform for Azure

Supercharge your Azure Cost Saving

Learn More
Turbo360 Widget

Get integration tips every day. Follow us on:

Back to Top