2

I enabled secure connection by choosing a self-signed certificate on my SQL Server.

I can connect to it using SQL Server Management Studio and adding TrustServerCertificate=True into Additional Connection Parameters.

I need same configuration for FireDAC connection because it gives similar error

SSL Provider: The certificate chain was issued by an authority that is not trusted

when I try connecting.

How to tell this to FireDAC? (Delphi XE4, FireDAC: 8)

PS: I've already added my self-signed certificate into windows "Trusted Root Certification Authorities", but it seems that FireDAC ignores it.

Thanks

mjn
  • 36,362
  • 28
  • 176
  • 378
Mehmet Fide
  • 1,643
  • 1
  • 20
  • 35

1 Answers1

3

You should add ODBCAdvanced=TrustServerCertificate=yes to your connection definition parameters. Also verify, that you have SQL Server Native Client installed. Read more:

da-soft
  • 7,670
  • 28
  • 36
  • Thanks, that solved the problem for run-time. I've added 'TrustServerCertificate=yes' into ODBCAdvanced property of TADPhysMSSQLDriverLink. But if I make ADConnection.connected=true on design-time, I get another error says that "SSL Provider: The target principal name is incorrect". As a result, run-time connection is ok, but design-time connection still has problem. Any suggestion for it? – Mehmet Fide May 12 '13 at 10:43
  • I use tunneling for the SQL connection over proxy. (From Indy, TidMappedPortTCP works great on it). I'll try another pc which has direct internet connection and see if same error is available. – Mehmet Fide May 12 '13 at 10:48
  • You should add `ODBCAdvanced=...` to TADConnection.Params or to your persistent connection definition parameters. – da-soft May 12 '13 at 12:41