dotnet · cheenamalhotra · Oct 6, 2021 · Oct 4, 2021
diff --git a/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/TdsParser.cs b/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/TdsParser.cs
@@ -394,6 +394,13 @@ internal void Connect(
                     authType == SqlAuthenticationMethod.NotSpecified ? SqlAuthenticationMethod.SqlPassword.ToString() : authType.ToString());
             }
 
+            // Encryption is not supported on SQL Local DB - disable it for current session.
+            if (connHandler.ConnectionOptions.LocalDBInstance != null && encrypt)
+            {
+                encrypt = false;
+                SqlClientEventSource.Log.TryTraceEvent("<sc.TdsParser.Connect|SEC> Encryption will be disabled as target server is a SQL Local DB instance.");
+            }
+
             _sniSpnBuffer = null;
 
             // AD Integrated behaves like Windows integrated when connecting to a non-fedAuth server

diff --git a/src/Microsoft.Data.SqlClient/netfx/src/Microsoft/Data/SqlClient/TdsParser.cs b/src/Microsoft.Data.SqlClient/netfx/src/Microsoft/Data/SqlClient/TdsParser.cs
@@ -527,7 +527,15 @@ internal void Connect(ServerInfo serverInfo,
 
             //Create LocalDB instance if necessary
             if (connHandler.ConnectionOptions.LocalDBInstance != null)
+            {
                 LocalDBAPI.CreateLocalDBInstance(connHandler.ConnectionOptions.LocalDBInstance);
+                if (encrypt)
+                {
+                    // Encryption is not supported on SQL Local DB - disable it for current session.
+                    encrypt = false;
+                    SqlClientEventSource.Log.TryTraceEvent("<sc.TdsParser.Connect|SEC> Encryption will be disabled as target server is a SQL Local DB instance.");
+                }
+            }
 
             // AD Integrated behaves like Windows integrated when connecting to a non-fedAuth server
             if (integratedSecurity || authType == SqlAuthenticationMethod.ActiveDirectoryIntegrated)

diff --git a/src/Microsoft.Data.SqlClient/tests/ManualTests/SQL/LocalDBTest/LocalDBTest.cs b/src/Microsoft.Data.SqlClient/tests/ManualTests/SQL/LocalDBTest/LocalDBTest.cs
@@ -23,6 +23,15 @@ public static void SqlLocalDbConnectionTest()
             ConnectionTest(s_localDbConnectionString);
         }
 
+        [SkipOnTargetFramework(TargetFrameworkMonikers.Uap)] // No Registry support on UAP
+        [ConditionalFact(nameof(IsLocalDBEnvironmentSet))]
+        public static void LocalDBEncryptionNotSupportedTest()
+        {
+            // Encryption is not supported by SQL Local DB.
+            // But connection should succeed as encryption is disabled by driver.
+            ConnectionWithEncryptionTest(s_localDbConnectionString);
+        }
+
         [SkipOnTargetFramework(TargetFrameworkMonikers.Uap)] // No Registry support on UAP
         [ConditionalFact(nameof(IsLocalDBEnvironmentSet))]
         public static void LocalDBMarsTest()
@@ -40,6 +49,18 @@ public static void InvalidLocalDBTest()
         #endregion
 
         #region SharedLocalDb tests
+        [SkipOnTargetFramework(TargetFrameworkMonikers.Uap)] // No Registry support on UAP
+        [ConditionalFact(nameof(IsLocalDbSharedInstanceSet))]
+        public static void SharedLocalDbEncryptionTest()
+        {
+            foreach (string connectionString in s_sharedLocalDbInstances)
+            {
+                // Encryption is not supported by SQL Local DB.
+                // But connection should succeed as encryption is disabled by driver.
+                ConnectionWithEncryptionTest(connectionString);
+            }
+        }
+
         [SkipOnTargetFramework(TargetFrameworkMonikers.Uap)] // No Registry support on UAP
         [ConditionalFact(nameof(IsLocalDbSharedInstanceSet))]
         public static void SharedLocalDbMarsTest()
@@ -67,18 +88,28 @@ private static void ConnectionWithMarsTest(string connectionString)
             {
                 IntegratedSecurity = true,
                 MultipleActiveResultSets = true,
+                ConnectTimeout = 2
+            };
+            OpenConnection(builder.ConnectionString);
+        }
+
+        private static void ConnectionWithEncryptionTest(string connectionString)
+        {
+            SqlConnectionStringBuilder builder = new(connectionString)
+            {
+                IntegratedSecurity = true,
                 ConnectTimeout = 2,
-                Encrypt = false
+                Encrypt = true
             };
             OpenConnection(builder.ConnectionString);
         }
+
         private static void ConnectionTest(string connectionString)
         {
             SqlConnectionStringBuilder builder = new(connectionString)
             {
                 IntegratedSecurity = true,
-                ConnectTimeout = 2,
-                Encrypt = false
+                ConnectTimeout = 2
             };
             OpenConnection(builder.ConnectionString);
         }
@@ -87,6 +118,7 @@ private static void OpenConnection(string connString)
         {
             using SqlConnection connection = new(connString);
             connection.Open();
+            Assert.Equal(System.Data.ConnectionState.Open, connection.State);
             using SqlCommand command = new SqlCommand("SELECT @@SERVERNAME", connection);
             var result = command.ExecuteScalar();
             Assert.NotNull(result);