Breaking changes - again -:( "SSL Provider, error: 0"

Attention breaking changes:

A few weeks ago I had an error during a migration from .NET Core 3.1 to .NET 7 ... and today I had a similar error during an update from EF Core 6.0 to EF Core 7.0. 

I updated all packages and tried to start my solution. Everything seems fine: no compiler errors ... but then during startup:

A connection was successfully established with the server, but then an error occurred during the login process. provider: SSL Provider, error: 0 - The certificate chain was issued by an authority that is not trusted. 

German part: (provider: SSL Provider, error: 0 - Die Zertifikatkette wurde von einer nicht vertrauenswürdigen Zertifizierungsstelle ausgestellt.)

The reason for the above error is a minor change in the default settings for the database connection. Before EF Core 7.0 the SqlClient connection strings use Encrypt=False by default. This allows connections on development machines where the local server does not have a valid certificate.

In EF Core 7.0 the SqlClient connection strings use Encrypt=True by default!

Now we have two option to solve the error:

Either the server must be configured with a valid certificate or the client must trust this certificate.

Here are the three recommendation actions:

• Install a valid certificate on the server. Note that this is an involved process and requires obtaining a certificate and ensuring it is signed by an authority trusted by the client.
• If the server has a certificate, but it is not trusted by the client, then TrustServerCertificate=True to allow bypassing the normal trust mechanism.
• Explicitly add Encrypt=False to the connection string.

Of course options 2 and 3 only valid for development environment :-) I just added TrustServerCertificate=True and Encrypt=False to my development connection strings and the error was solved.

Happy coding again ;-)

You can read all about the issue here: Encrypt defaults to true for SQL Server connections