This page discusses the different options available in the “Encryption Settings” group as used by ACM. These options are only available when using Microsoft OLE DB Driver 19 for SQL Server.
The MSOLEDBSQL19 data provider has different default behavior for encryption and trusting the server certificate than prior versions of the MSOLEDBSQL provider. When the appropriate keywords are not provided, the connection to the ACM database will require a certificate issued by a trusted Certificate Authority.
If the expected certificate does not exist, the connection will fail and SQL Server will return an error regarding the certificate or certificate chain.
Per the Microsoft Documentation regarding encryption and certificate validation dated 12/12/2022, the outcome of the settings will be as follows:
| Encryption Option | Result |
|---|---|
| Do not encrypt | Encryption only occurs for LOGIN packets. Does not require a verifiable server certificate. |
| Encrypt and trust the server certificate | Encryption always occurs, but the server may use a self-signed server certificate. *Requires client machine to also trust the server certificate. |
| Encrypt but do not trust the server certificate | With a verifiable server certificate, the connection will succeed and encryption will occur. Without a verifiable server certificate, the connection will fail. |
*The ACM default selection is in bold.
For more information: https://learn.microsoft.com/en-us/sql/connect/oledb/features/encryption-and-certificate-validation?view=sql-server-ver16#major-version-19