When SQL Server uses the Force Encryption with value "yes" then if in the client-side we use encrypt=true option in the connection string, then the client application tries to verify the server certificate.
My question is this how we can force the client (by the server or any way) to verify the certificate regardless of the connection string value?
Best Answer
Connection string values override defaults set in the driver if the connection string has the item filled in. There is no overarching way of forcing this except to use
TrustServerCertificate=falsein the connection string to zero out any other options.