diff --git a/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/SNI/SNINpHandle.cs b/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/SNI/SNINpHandle.cs index 2b93f4e752..c4ba4640f6 100644 --- a/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/SNI/SNINpHandle.cs +++ b/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/SNI/SNINpHandle.cs @@ -312,7 +312,7 @@ public override uint EnableSsl(uint options) _validateCert = (options & TdsEnums.SNI_SSL_VALIDATE_CERTIFICATE) != 0; try { - _sslStream.AuthenticateAsClient(_targetServer, null, SupportedProtocols, true); + _sslStream.AuthenticateAsClient(_targetServer, null, SupportedProtocols, false); _sslOverTdsStream.FinishHandshake(); } catch (AuthenticationException aue) diff --git a/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/SNI/SNITcpHandle.cs b/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/SNI/SNITcpHandle.cs index d37ba9d35c..12f6370ecc 100644 --- a/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/SNI/SNITcpHandle.cs +++ b/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/SNI/SNITcpHandle.cs @@ -578,27 +578,29 @@ private static async void ParallelConnectHelper( /// public override uint EnableSsl(uint options) { - _validateCert = (options & TdsEnums.SNI_SSL_VALIDATE_CERTIFICATE) != 0; - - try - { - _sslStream.AuthenticateAsClient(_targetServer, null, SupportedProtocols, true); - _sslOverTdsStream.FinishHandshake(); - } - catch (AuthenticationException aue) + using (TrySNIEventScope.Create(nameof(SNIHandle))) { - SqlClientEventSource.Log.TrySNITraceEvent(nameof(SNITCPHandle), EventType.ERR, "Connection Id {0}, Authentication exception occurred: {1}", args0: _connectionId, args1: aue?.Message); - return ReportTcpSNIError(aue, SNIError.CertificateValidationErrorCode); - } - catch (InvalidOperationException ioe) - { - SqlClientEventSource.Log.TrySNITraceEvent(nameof(SNITCPHandle), EventType.ERR, "Connection Id {0}, Invalid Operation Exception occurred: {1}", args0: _connectionId, args1: ioe?.Message); - return ReportTcpSNIError(ioe); - } + _validateCert = (options & TdsEnums.SNI_SSL_VALIDATE_CERTIFICATE) != 0; + try + { + _sslStream.AuthenticateAsClient(_targetServer, null, SupportedProtocols, false); + _sslOverTdsStream.FinishHandshake(); + } + catch (AuthenticationException aue) + { + SqlClientEventSource.Log.TrySNITraceEvent(nameof(SNITCPHandle), EventType.ERR, "Connection Id {0}, Authentication exception occurred: {1}", args0: _connectionId, args1: aue?.Message); + return ReportTcpSNIError(aue, SNIError.CertificateValidationErrorCode); + } + catch (InvalidOperationException ioe) + { + SqlClientEventSource.Log.TrySNITraceEvent(nameof(SNITCPHandle), EventType.ERR, "Connection Id {0}, Invalid Operation Exception occurred: {1}", args0: _connectionId, args1: ioe?.Message); + return ReportTcpSNIError(ioe); + } - _stream = _sslStream; - SqlClientEventSource.Log.TrySNITraceEvent(nameof(SNITCPHandle), EventType.INFO, "Connection Id {0}, SSL enabled successfully.", args0: _connectionId); - return TdsEnums.SNI_SUCCESS; + _stream = _sslStream; + SqlClientEventSource.Log.TrySNITraceEvent(nameof(SNITCPHandle), EventType.INFO, "Connection Id {0}, SSL enabled successfully.", args0: _connectionId); + return TdsEnums.SNI_SUCCESS; + } } ///