“The certificate chain was issued by an authority that is not trusted” when connecting DB in VM Role from Azure website

You likely don’t have a CA signed certificate installed in your SQL VM’s trusted root store.

If you have Encrypt=True in the connection string, either set that to off (not recommended), or add the following in the connection string:

TrustServerCertificate=True

SQL Server will create a self-signed certificate if you don’t install one for it to use, but it won’t be trusted by the caller since it’s not CA-signed, unless you tell the connection string to trust any server cert by default.

Long term, I’d recommend leveraging Let’s Encrypt to get a CA signed certificate from a known trusted CA for free, and install it on the VM. Don’t forget to set it up to automatically refresh. You can read more on this topic in SQL Server books online under the topic of “Encryption Hierarchy”, and “Using Encryption Without Validation”.

Related Posts:

  1. api-ms-win-crt-runtime-l1-1-0.dll is missing when opening Microsoft Office file [closed]
  2. Istio Ingress resulting in “no healthy upstream”
  3. What is a LAMP stack?
  4. What is the difference between POST and PUT in HTTP?
  5. What and where are the stack and heap?
  6. What is a reverse shell?
  7. Why am I getting error for apple-touch-icon-precomposed.png
  8. How could I ping @here in Discord.py?
  9. What’s the syntax for mod in java
  10. STDERR? What is it? What are its common uses?
  11. Handling file renames in Git
  12. ‘git’ is not recognized as an internal or external command
  13. What are the rules of the std::cin object in C++?
  14. ssh remote host identification has changed
  15. How to link to part of the same document in Markdown?
  16. What is {{.}} in mustache?
  17. How to split column into two in R using separate
  18. Python Key Error=0 – Can’t find Dict error in code
  19. Where do I find a list of all mat-icons — Angular
  20. TypeError : ‘method’ object is not subscriptable
  21. In C++, what is wx.h?
  22. How to UPSERT (MERGE, INSERT … ON DUPLICATE UPDATE) in PostgreSQL?
  23. What is the difference between allFile and allMarkdownRemark in gatsby
  24. DynamoDB : The provided key element does not match the schema
  25. How do I run a single test using Jest?
  26. Why I am getting java.lang.AbstractMethodError errors?
  27. Mercurial: no ~/.hgrc file
  28. How to clamp an integer to some range?
  29. What is the iOS 8 System Font?
  30. PHP &$string – What does this mean?
  31. difference between ‘-webkit-box-shadow’ & ‘box-shadow’ in css
  32. git status shows modifications, git checkout — doesn’t remove them
  33. How to clone all remote branches in Git
  34. If Python is interpreted, what are .pyc files?
  35. Default location of freepbx backup?
  36. ORA-01461: can bind a LONG value only for insert into a LONG column-Occurs when querying
  37. The specified DSN contains an architecture mismatch between the Driver and Application. JAVA
  38. Python FileNotFound
  39. When to use If-else if-else over switch statements and vice versa
  40. Cassandra “no viable alternative at input”
  41. How can I reduce the waiting (ttfb) time
  42. What is the difference between clang (and LLVM) and gcc / g++?
  43. Simplest way to profile a PHP script
  44. bit vectors in c++
  45. ++someVariable vs. someVariable++ in JavaScript
  46. How to increase size of DOSBox window?
  47. How to set String’s font size, style in Java using the Font class?
  48. Too small initial heap error – stanford parser
  49. How can I run a Java program in Atom editor?
  50. All com.android.support libraries must use the exact same version specification
  51. How can I run a program from a batch file without leaving the console open after the program starts?
  52. What is the difference between “JPG” / “JPEG” / “PNG” / “BMP” / “GIF” / “TIFF” Image?
  53. How to determine why a Greasemonkey script is not running [duplicate]
  54. Error: “expected primary-expression before int”
  55. How do you detect where two line segments intersect?
  56. Get a list of URLs from a site
  57. How to get parameter value from query string?
  58. What is stdole2.tlb
  59. Using a regex
  60. Beacon UUID vs BeaconLayout
  61. Binary Tree Height
  62. Curl incosistent behaviour – CLI vs Java process
  63. how to upload a file to my server using html
  64. Difference between Chocolatey and NuGet
  65. Regex multiple match substring
  66. In the following SAS statement, what do the parameters “noobs” and “label” stand for?
  67. Uploaded successfully to Heroku Local but getting 503 error once pushed to Heroku live
  68. How to make a redirection that fired a script before redirecting?
  69. Access Default Widget's Controls in Customizer Pane
  70. can you make changes to a theme in trac while it is waiting for review?
  71. Create post and update in the same flow [closed]
  72. Go top smooth function [closed]
  73. Using Javascript to Set Redirect Page in Contact Form 7
  74. Change css for certain user roles
  75. Block any other domains from using my server
  76. How do I deal with a compromised server?
  77. Something is burning in the server room; how can I quickly identify what it is?
  78. Finding out what user Apache is running as?
  79. Do systemd unit files have to be reloaded when modified?
  80. What is a glue record?
  81. How do I convert a .cer certificate to .pem?
  82. Run Oracle SQL script and exit from sqlplus.exe via command prompt
  83. Show full process name in top
  84. How do you do load testing and capacity planning for web sites?
  85. What is a good SSH server to use on Windows? [closed]
  86. In systemd, what’s the difference between After= and Requires=?
  87. Windows Server restart / shutdown history
  88. How do I set the global PATH environment variable on OS X?
  89. nmap find all alive hostnames and IPs in LAN
  90. Should CNAME Be Used For Subdomains?
  91. How do I create user accounts from the Terminal in Mac OS X 10.5?
  92. How to get a .pem file from ssh key pair?
  93. How to inspect remote SMTP server’s TLS certificate?
  94. Choosing between meaningful and meaningless hostnames [closed]
  95. logrotating files in a directories and its subdirectories
  96. Multiple TXT fields for same subdomain
  97. How to restart Nginx on Mac OS X?
  98. Do SPF Records For Primary Domain apply to subdomains?
  99. Why is the response on localhost so slow?
  100. apache2: Could not reliably determine the server’s fully qualified domain name, using 127.0.1.1 for ServerName

Leave a Comment