Keyword not supported: 'trust server certificate'.

chuckchuck Posts: 29 Bronze 2
in SQL Change Automation
Working on version 4.2.20168, and encounter error Keyword not supported: 'trust server certificate'.
remove Trust Server Certificate=True, then got error Invalid connection string: Keyword not supported: 'multi subnet failover'.
remove Multi Subnet Failover=False, then got Error connecting to database: A connection was successfully established with the server, but then an error occurred during the login process. (provider: SSL Provider, error: 0 - The certificate chain was issued by an authority that is not trusted.)

According https://stackoverflow.com/questions/17615260/the-certificate-chain-was-issued-by-an-authority-that-is-not-trusted-when-conn, I add Trust Server Certificate=True to the end of ShadowConnectionString section and make it work.

  <ShadowConnectionString>Data Source=ip;Initial Catalog=Chuck2_Connect5;User ID=clu;Password=;Pooling=False;Encrypt=False;Trust Server Certificate=True;Authentication=SqlPassword;Multi Subnet Failover=False</ShadowConnectionString>
changed to
 <ShadowConnectionString>Data Source=ip;Initial Catalog=Chuck2_Connect5;User ID=clu;Password=;Pooling=False;Encrypt=False;Authentication=SqlPassword;TrustServerCertificate=True</ShadowConnectionString>








Tagged:
· Share on Twitter

Best Answers

  • chuckchuck Posts: 29 Bronze 2
    edited July 20, 2020 10:03AM Answer ✓
    Just in case someone else encounter the same problem
    Trust Server Certificate=True changed to TrustServerCertificate=True
    Multi Subnet Failover=False changed to MultiSubnetFailover=False
    Remove the space in key will solve the problem




    · Share on Twitter
  • chuckchuck Posts: 29 Bronze 2
    Answer ✓
    The problem was  introduced in 4.2.20176 - June 24th, 2020.
    I previously use 4.2.20168 open the old project created by 4.2.20176.







    · Share on Twitter

Answers

  • arick111arick111 Posts: 2 New member
    chuck said:
    Working on version 4.2.20168, and encounter error Keyword not supported: 'trust server certificate'.
    remove Trust Server Certificate=True, then got error Invalid connection string: Keyword not supported: 'multi subnet failover'.
    remove Multi Subnet Failover=False, then got Error connecting to database: A connection was successfully established with the server, but then an error occurred during the login process. (provider: SSL Provider, error: 0 - The certificate chain was issued by an authority that is not trusted.)

    According https://stackoverflow.com/questions/17615260/the-certificate-chain-was-issued-by-an-authority-that-is-not-trusted-when-conn, I add Trust Server Certificate=True to the end of ShadowConnectionString section and make it work.

      <ShadowConnectionString>Data Source=ip;Initial Catalog=Chuck2_Connect5;User ID=clu;Password=;Pooling=False;Encrypt=False;Trust Server Certificate=True;Authentication=SqlPassword;Multi Subnet Failover=False</ShadowConnectionString>
    changed to
     <ShadowConnectionString>Data Source=ip;Initial Catalog=Chuck2_Connect5;User ID=clu;Password=;Pooling=False;Encrypt=False;Authentication=SqlPassword;TrustServerCertificate=True</ShadowConnectionString>








    The user encountered errors when connecting to a database with version 4.2.20168. They resolved the issue by adjusting the connection string and adding Trust Server Certificate=True to the end of the ShadowConnectionString section. This change allowed them to successfully establish a connection to the database.


    · Share on Twitter
  • williamjson50williamjson50 Posts: 1 New member
    I just wanted to let you know in case anyone else encounters the same issue
    Added TrustServerCertificate=True to TrustServer Certificate=True
    Fault over to multiple subnets = False changed to Fault over to multiple subnets = False
    Eliminating the space in the key will fix the issue.
    · Share on Twitter
  • philljones22philljones22 Posts: 7 New member
    To resolve the connection string errors you encountered, you adjusted the `ShadowConnectionString` configuration in a specific sequence. Here’s a summary of the process and the final configuration that worked:

    1. **Initial Error:**
       You encountered an error indicating that the keyword `Trust Server Certificate` was not supported.
       
       ```
       Keyword not supported: 'trust server certificate'.
       ```

    2. **Attempted Fix:**
       You removed `Trust Server Certificate=True`, which led to a new error regarding `Multi Subnet Failover`.

       ```
       Invalid connection string: Keyword not supported: 'multi subnet failover'.
       ```

    3. **Subsequent Error:**
       Removing `Multi Subnet Failover=False` resulted in an SSL-related error during the login process.

       ```
       Error connecting to database: A connection was successfully established with the server, but then an error occurred during the login process. (provider: SSL Provider, error: 0 - The certificate chain was issued by an authority that is not trusted.)
       ```

    4. **Final Adjustment:**
       Based on the solution found on StackOverflow, you added `Trust Server Certificate=True` back to the connection string, ensuring it was placed at the end of the `ShadowConnectionString` section.

    ### Final Connection String

    Here is the final, corrected `ShadowConnectionString` that resolved the errors:

    ```xml
    <ShadowConnectionString>Data Source=ip;Initial Catalog=Chuck2_Connect5;User ID=clu;Password=;Pooling=False;Encrypt=False;Authentication=SqlPassword;TrustServerCertificate=True</ShadowConnectionString>
    ```

    ### Explanation of Changes

    - **Trust Server Certificate=True**: This parameter tells the client to trust the server's SSL certificate without validating it. This resolves the SSL Provider error regarding the certificate chain being issued by an authority that is not trusted.
      
    - **Placement and Formatting**: By placing `Trust Server Certificate=True` at the end of the connection string and ensuring correct formatting (no spaces within the keyword), the connection string is interpreted correctly by the connection manager.

    ### Conclusion

    These adjustments resolved the connection issues by instructing the system to trust the server certificate and removing unsupported keywords. This ensures a successful and secure connection to the database.
    · Share on Twitter
  • JonahwillsJonahwills Posts: 1 New member

    In version 4.2.20168, encountering errors related to the connection string parameters 'Trust Server Certificate' and 'Multi Subnet Failover' prompted troubleshooting steps. Initially, removing 'Trust Server Certificate=True' led to an error regarding 'Multi Subnet Failover'. Subsequently, eliminating 'Multi Subnet Failover=False' resulted in a new error concerning the SSL certificate chain. Following guidance from Stack Overflow, the resolution involved appending 'Trust Server Certificate=True' to the end of the ShadowConnectionString section. This adjustment ensured successful database connectivity, emphasizing the importance of meticulous configuration in resolving connection issues.


    · Share on Twitter
  • Steven_CoolSteven_Cool Posts: 2 New member

    To address the issues you're encountering with your connection string, let's break down the steps and provide a comprehensive solution.

    Problem Breakdown

    1. Initial Error:

      • "Keyword not supported: 'trust server certificate'"
      • Removed Trust Server Certificate=True

    2. Second Error:

      • "Keyword not supported: 'multi subnet failover'"
      • Removed Multi Subnet Failover=False

    3. Third Error:

      • "A connection was successfully established with the server, but then an error occurred during the login process. (provider: SSL Provider, error: 0 - The certificate chain was issued by an authority that is not trusted.)"

    4. Solution:

      • Added Trust Server Certificate=True which made the connection work.

    Solution Explanation

    1. Correcting the Keywords

    Based on the errors, the keywords used in your connection string need to be properly formatted. Specifically:

    • Use TrustServerCertificate instead of Trust Server Certificate.
    • Remove Multi Subnet Failover if it's not supported.

    2. Updated Connection String

    The correct format should be:


    <p><ShadowConnectionString></p><p>&nbsp; &nbsp; Data Source=ip;Initial Catalog=Chuck2_Connect5;User ID=clu;Password=your_password;Pooling=False;Encrypt=False;TrustServerCertificate=True;Authentication=SqlPassword;</p><p></ShadowConnectionString></p>


    Steps to Resolve the Issue

    1. Correct the Connection String Syntax:

      • Ensure there are no spaces in TrustServerCertificate.
      • Remove Multi Subnet Failover if it's not supported or necessary.

    2. Trusting the Server Certificate:

      • Setting TrustServerCertificate=True instructs the SQL client to trust the server's certificate without validating it against a trusted certificate authority. This is useful in development or testing environments but should be used with caution in production.

    3. Using Proper Authentication:

      • Ensure that the User ID and Password are correct.
      • The Authentication=SqlPassword setting is used for SQL Server authentication.

    Complete Corrected Connection String

    Here is the corrected connection string based on the provided information:


    <p><ShadowConnectionString></p><p>&nbsp; &nbsp; Data Source=ip;Initial Catalog=Chuck2_Connect5;User ID=clu;Password=your_password;Pooling=False;Encrypt=False;TrustServerCertificate=True;Authentication=SqlPassword;</p><p></ShadowConnectionString></p>


    Additional Considerations

    • Security: Using TrustServerCertificate=True bypasses the validation of the server's SSL certificate. This can expose your connection to security risks, such as man-in-the-middle attacks. For production environments, it is recommended to use a trusted certificate issued by a recognized certificate authority.
    • Password Management: Ensure that your password is securely managed and not hardcoded in the configuration files.

    Summary

    • Correct the keywords in the connection string (TrustServerCertificate).
    • Remove unsupported keywords (Multi Subnet Failover).
    • Ensure the connection string is properly formatted and secure.

    If you follow these steps, your connection string should work correctly without the errors you encountered. If you need further assistance, feel free to ask!


    · Share on Twitter
  • Steven_CoolSteven_Cool Posts: 2 New member
    edited September 7, 2024 4:54AM


    1. First Problem: You saw an error saying "Keyword not supported: 'trust server certificate'". To fix this, you removed Trust Server Certificate=True from your connection details.

    2. Second Problem: Then you got another error saying "Keyword not supported: 'multi subnet failover'". To fix this, you removed Multi Subnet Failover=False from your connection details.

    3. Third Problem: After that, you faced another error saying "Error connecting to database.. The certificate chain was issued by an authority that is not trusted." This means the system didn't trust the security certificate.

      Final Solution: You followed advice from a website and added Trust Server Certificate=True again at the end of your connection details. Now it worked!

    So, here is what your connection details should look like:

    <p><ShadowConnectionString>Data Source=ip;Initial Catalog=Chuck2_Connect5;User ID=clu;Password=;Pooling=False;Encrypt=False;Authentication=SqlPassword;TrustServerCertificate=True</ShadowConnectionString></p><div></div>

    This way, you should be able to connect without any problems. If you still facing any issue, then do let me know i'll try to figure out!

    · Share on Twitter
  • AmeliaAmelia Posts: 1 New member

    You resolved the connection string issues by adding TrustServerCertificate=True to bypass SSL certificate validation. Removing unnecessary options like Multi Subnet Failover=False helped stabilize the connection. The final connection string should look like this:

    <ShadowConnectionString>Data Source=ip;Initial Catalog=Chuck2_Connect5;User ID=clu;Password=;Pooling=False;Encrypt=False;Authentication=SqlPassword;TrustServerCertificate=True</ShadowConnectionString>

    This ensures a successful connection despite the certificate trust issue. :)

    · Share on Twitter
  • lastreactionlastreaction Posts: 1 New member

    1. It seems you're facing issues with connection string parameters that are not supported by the version you're using. To resolve this:

      1. Remove Unsupported Keywords: Start by removing the unsupported keywords, Trust Server Certificate=True and Multi Subnet Failover=False.

      2. SSL Certificate Error: When you remove Trust Server Certificate=True, it results in an SSL certificate error. This suggests that your server's SSL certificate is not trusted.

      3. Final Solution: Ensure your connection string in <ShadowConnectionString> has TrustServerCertificate=True, without spaces, and does not include unsupported keywords:

      4. <ShadowConnectionString>Data Source=ip;Initial Catalog=Chuck2_Connect5;User ID=clu;Password=;Pooling=False;Encrypt=False;TrustServerCertificate=True;Authentication=SqlPassword</ShadowConnectionString>

      5. This should resolve your connection issues.

    · Share on Twitter
  • benstockbenstock Posts: 1 New member
    It seems like the issue stemmed from conflicting connection string parameters, particularly the unsupported Trust Server Certificate and Multi Subnet Failover. You resolved the SSL trust error by modifying the connection string to include TrustServerCertificate=True without spaces and removing the unsupported parameters. This allowed the connection to succeed despite the SSL certificate not being trusted. For others facing this issue, ensuring correct parameter syntax and addressing SSL trust by setting TrustServerCertificate=True should help resolve similar errors.
    · Share on Twitter
  • therahiexploretherahiexplore Posts: 1 New member
    In version 4.2.20168, encountering errors related to the connection string parameters 'Trust Server Certificate' and 'Multi Subnet Failover' prompted troubleshooting steps. Initially, removing 'Trust Server Certificate=True' led to an error regarding 'Multi Subnet Failover'. Subsequently, eliminating 'Multi Subnet Failover=False' resulted in a new error concerning the SSL certificate chain. Following guidance from Stack Overflow, the resolution involved appending 'Trust Server Certificate=True' to the end of the ShadowConnectionString section. This adjustment ensured successful database connectivity, emphasizing the importance of meticulous configuration in resolving connection issues.
    · Share on Twitter
  • tehreemtehreem Posts: 2 New member
    Use `TrustServerCertificate=True` (no spaces) in the connection string, to resolve the issue. Make sure other parameters are correctly formatted to avoid connection errors.
    · Share on Twitter
  • MethewRoad69MethewRoad69 Posts: 1 New member
    It seems the issue revolves around SSL and connection string compatibility. The errors suggest that the database connection requires properly configured SSL certificates. Double-check your connection string and ensure the server's SSL certificate is trusted, or consider adding `TrustServerCertificate=True` if it's safe in your environment. Properly configuring the certificate on the server might also resolve the issue.
    · Share on Twitter
Sign In or Register to comment.