If you create a regular Azure SQL database and go to "Connection strings" tab in the portal all the connection strings have TrustServerCertificate=False parameter. Why is that? Microsoft doesn't trust its own certificates?

Update: I guess it's just poor naming. Found this in the official documentation:

When TrustServerCertificate is set to true, the transport layer will use SSL to encrypt the channel and bypass walking the certificate chain to validate trust. If TrustServerCertificate is set to true and encryption is turned on, the encryption level specified on the server will be used even if Encrypt is set to false. The connection will fail otherwise.

CodePudding user response：

TrustServerCertificate=true means the client will trust the certificate it gets from SQL server without fully verifying it. And this is obviously a bad thing so always use TrustServerCertificate=false.