Welcome to Software Development on Codidact!
Will you help us build our independent community of developers helping developers? We're small and trying to grow. We welcome questions about all aspects of software development, from design to code to QA and more. Got questions? Got answers? Got code you'd like someone to review? Please join us.
Is there any breaking change in regard to TrustServerCertificate property of System.Data.SqlClient for .NET 5?
I have recently an issue at work after upgrading an ASP.NET Core 3.1 application to .NET 5. It worked correctly on all environments (e.g. PreProd, Prod) when targeting 3.1, but failed on Prod only after upgrade to .NET 5.
The error was login related:
A connection was successfully established with the server, but then an error occurred during the login process.The target principal name is incorrect
And the solution was the one indicated by this answer, namely setting TrustServerCertificate=true in the connection string.
This was required because the PreProd SQL Server did not require encryption, while the Production one did.
However, I still do not understand why this happened.
1 answer
I think I have found the cause of this issue:
Changes default behavior of driver to not validate server certificate if client did not request encryption with "encrypt=true" but encryption was enforced by SQL Server.
This is also mentioned in the SQL Client 2.0 breaking changes:
The driver will now perform Server Certificate validation when TLS encryption is enforced by the target Server, which is the default for Azure connections
0 comment threads
0 comment threads