SSL/TLS certificate validation errors when connecting to databases

Symptoms

During installation or configuration, the extension cannot establish a database connection. Error messages may mention SSL/TLS, certificate trust, or “the certificate chain was issued by an authority that is not trusted.”

• Error message example:

  Copy

  SQLSTATE[08001]: [Microsoft][ODBC Driver 18 for SQL Server]SSL Provider: 
  The certificate chain was issued by an authority that is not trusted.

Cause The database requires SSL encryption, but the certificate presented cannot be validated. This often occurs when:

• A self-signed certificate is being used, and its authority certificate is not trusted on the machine running the extension.

• The full certificate chain (including intermediate certificates) is not installed.

• The client is enforcing encryption, but cannot verify the server’s certificate.

Solution

• If possible, use a certificate signed by a trusted Certificate Authority (CA).

• If using a self-signed certificate, import the authority certificate into the Trusted Root Certification Authorities store of the machine running the extension.

• Ensure the full certificate chain (including intermediates) is installed.

• If issues persist during installation, you can try resetting the setup:

  • Stop the extension service.

  • Delete the runtime and config folders to reset the installation.

  • Restart the installation and re-enter database details.

  • As a last resort, tick Disable SSL certificate validation to bypass the validation check.