Sql-server – SSL error during SQL Server install

Tags: encryption, installation, sql server, sql server 2014, ssl

During my SQL Server 2014 Enterprise installation efforts, I encountered an error near the end of the install that has prevented completion.

A connection was successfully established with the server, but then an error occurred during the pre-login handshake. (provider: SSL Provider, error: 0 – The certificate chain was issued by an authority that is not trusted.).

There is currently no cert on the server, so it looks as though SQL Server has generated a self-signed cert to connect with, but it isn't being trusted.

Note that all this is happening before the install is complete, so configuration manager isn't available yet. My thought is to turn encryption off, but with no config manager, I am not sure whether there is a config file for the install somewhere that I can edit. Or maybe I would need to put a trusted cert on the server, but without configuration manager fully available, there isn't a way to tell SQL Server to use the trusted cert.

Best Answer

Tom Li - MSFT described a solution to what sounds like your problem, but his solution was for SQL Server 2008. (But just how much has the installer been improved since then?)

https://social.msdn.microsoft.com/forums/sqlserver/en-US/f009e660-503a-4569-a92d-9cc2ef790ca3/install-failure-certificate-chain-trust

Key points from his post include:

  1. This certificate is used as a mechanism to protect SQL Server's login information (including password) when using SQL authentication.

    By default this self-signed certificate should only affect the login information and only when using SQL authentication.

    Edit: My certificate name usually matches the SQL Server's login account.

  2. Export the certificate and delete it by using "certmgr.msc". Then run "setup.exe" to install SQL Server 2008 again.

    You also can add this certificate to the Trusted Root Certification Authorities store to solve this issue. In order to do this, please execute:

    Certutil -Addstore -f Root <File.Cer>

  3. Run "cliconfg.exe" from a Windows run dialog to determine that you did not check "Force protocol encryption".
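
Before adding a self-signed certificate to the Trusted Root store as point 2 suggests, it helps to see exactly which certificate would be trusted. The script below is an added example, not part of the original answer: it lists self-signed certificates in a store, reports whether each is already in the root store, and exports the public part of one chosen certificate for `certutil`. The store paths, the `-Thumbprint` parameter and the output file name are assumptions.

```powershell
# Added example. Store paths and the output file are assumptions; adjust to your host.
param(
    [string]$SourceStore = 'Cert:\CurrentUser\My',    # assumption: "Personal" as shown by certmgr.msc
    [string]$RootStore   = 'Cert:\LocalMachine\Root', # where "certutil -addstore Root" writes
    [string]$Thumbprint,                              # optional: certificate to export
    [string]$OutFile     = "$env:TEMP\sql-selfsigned.cer"  # hypothetical output path
)

$serverAuthOid = '1.3.6.1.5.5.7.3.1'   # Server Authentication EKU

# A self-signed certificate has identical Subject and Issuer.
$candidates = Get-ChildItem -Path $SourceStore |
    Where-Object { $_.Subject -eq $_.Issuer }

$rootThumbprints = (Get-ChildItem -Path $RootStore).Thumbprint

$report = foreach ($cert in $candidates) {
    $ekus = $cert.EnhancedKeyUsageList.ObjectId   # empty means no EKU restriction
    [pscustomobject]@{
        Subject       = $cert.Subject
        Thumbprint    = $cert.Thumbprint
        NotAfter      = $cert.NotAfter
        Expired       = $cert.NotAfter -lt (Get-Date)
        ServerAuthEku = ($ekus -contains $serverAuthOid)
        HasPrivateKey = $cert.HasPrivateKey
        AlreadyInRoot = ($rootThumbprints -contains $cert.Thumbprint)
    }
}
$report | Format-Table -AutoSize

if ($Thumbprint) {
    $cert = $candidates | Where-Object { $_.Thumbprint -eq $Thumbprint }
    if (-not $cert) {
        throw "No self-signed certificate with thumbprint $Thumbprint in $SourceStore"
    }
    # -Type CERT writes only the public certificate, never the private key.
    Export-Certificate -Cert $cert -FilePath $OutFile -Type CERT | Out-Null
    "Exported public certificate to $OutFile"
    "After review, trust it with: certutil -addstore -f Root `"$OutFile`""
}
```

The script does not modify either store; it only prints the `certutil` command from the answer so the import remains a deliberate step after the subject, thumbprint and expiry have been checked.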