Azure SQL Elastic Jobs connecting to a private endpoint doesn't seem to work due to SSL. Is there any way around this?

Reece Collett 1 Reputation point
2021-10-05T08:25:39.783+00:00

I am trying to run queries against an Azure SQL Database daily using the Azure SQL Elastic jobs. The database is only accessible via the private endpoint.

When I try to target the database's public endpoint in the target group member options, it tells me it can't connect as the database public access option is set to Deny, which I expect.

If I specify the private link though, the jobs give me this error:

Failed to connect to the target database: A connection was successfully established with the server, but then an error occurred during the login process. (provider: SSL Provider, error: 0 - The target principal name is incorrect.) (Msg -2146893022, Level 20, State 0, Line 0)

There doesn't seem to be a way to trust the server certificate. Is there a way I am able to get around this error or fix this error?

Azure SQL Database

10 answers

  1. Oury Ba-MSFT 20,911 Reputation points Microsoft Employee Moderator
    2021-10-05T19:07:10.887+00:00

    Hi @Reece Collett, thank you for posting your question on Microsoft Q&A.

    You must use the FQDN to connect to Azure SQL DB as documented at https://learn.microsoft.com/en-us/azure/sql-database/sql-database-private-endpoint-overview#check-con...

    Please let us know if that works.

    Regards,
    Oury


  2. Robin Tremblay 1 Reputation point
    2021-10-06T00:05:11.637+00:00

    I have the same problem. My database is only accessible via the private endpoint.

    The Ping command of servername.database.windows.net returns IP address 10.236.X.Y (that's good!)

    I am using the FQDN (servername.database.windows.net) and it doesn't work.

    I got this error:

    Failed to connect to the target database: Reason: An instance-specific error occurred while establishing a connection to SQL Server. Connection was denied since Deny Public Network Access is set to Yes (https://learn.microsoft.com/azure/azure-sql/database/connectivity-settings#deny-public-network-access). To connect to this server, use the Private Endpoint from inside your virtual network (https://learn.microsoft.com/azure/sql-database/sql-database-private-endpoint-overview#how-to-set-up-private-link-for-azure-sql-database). (Msg 47073, Level 14, State 1, Line 65536)


  3. Reece Collett 1 Reputation point
    2021-10-06T14:04:59.833+00:00

    @Oury Ba-MSFT, thank you for your reply.

    Like @RobinTremblay-3022 mentioned above, using the servername.database.windows.net results in this error:

    Failed to connect to the target database: Reason: An instance-specific error occurred while establishing a connection to SQL Server. Connection was denied since Deny Public Network Access is set to Yes (https://learn.microsoft.com/azure/azure-sql/database/connectivity-settings#deny-public-network-access). To connect to this server, use the Private Endpoint from inside your virtual network (https://learn.microsoft.com/azure/sql-database/sql-database-private-endpoint-overview#how-to-set-up-private-link-for-azure-sql-database). (Msg 47073, Level 14, State 1, Line 65536)


  4. Robin Tremblay 6 Reputation points
    2021-10-07T14:45:44.81+00:00

    Thank you, Felix, for the rectification. Indeed, you had mentioned that there had to be tests before confirming that it is a bug or a bad configuration in my Azure environment. So sorry.

    Robin


  5. Oury Ba-MSFT 20,911 Reputation points Microsoft Employee Moderator
    2021-10-07T16:51:51.763+00:00

    @Reece Collett @RobinTremblay-3022

    Could you please check name resolution and port:
    NSLOOKUP SERVERNAME.database.windows.net
    Test-NetConnection -Port 1433 -ComputerName SERVERNAME.database.windows.net

    Let us know the results.

    Regards,
    Oury
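
An added example (not from any poster in this thread, and not Microsoft code): the two conditions the errors above point at, checked offline in Python. The first is whether the name used to connect matches the certificate the server presents (the "target principal name is incorrect" failure), the second is whether that name resolves to a private address. The SAN list and IP addresses are constructed assumptions, and `san_matches` and `diagnose` are hypothetical helper names.

```python
import ipaddress

# Assumption for illustration: the server certificate covers this wildcard only.
# Constructed value, not read from a real server.
ASSUMED_CERT_SANS = ["*.database.windows.net"]

# RFC 1918 ranges, listed explicitly (ipaddress.is_private also counts
# documentation ranges such as 203.0.113.0/24 as private).
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def san_matches(hostname, pattern):
    """RFC 6125-style match: '*' may only stand for the whole left-most label."""
    host = hostname.lower().rstrip(".").split(".")
    pat = pattern.lower().rstrip(".").split(".")
    if len(host) != len(pat):
        return False                      # a wildcard never spans two labels
    if pat[0] == "*":
        return bool(host[0]) and host[1:] == pat[1:]
    return host == pat

def diagnose(target_name, resolved_ip, sans=ASSUMED_CERT_SANS):
    """Findings for one target name and the address it resolved to."""
    findings = []
    if not any(san_matches(target_name, s) for s in sans):
        # The TLS client rejects the certificate: SSL Provider error
        # -2146893022 (0x80090322, SEC_E_WRONG_PRINCIPAL).
        findings.append("name-mismatch")
    ip = ipaddress.ip_address(resolved_ip)
    if not any(ip in net for net in RFC1918):
        # The connection would reach the public endpoint, which is set to Deny.
        findings.append("public-address")
    return findings or ["ok"]

if __name__ == "__main__":
    # Constructed sample inputs: (name used as target, address it resolved to).
    samples = [
        ("servername.database.windows.net", "10.236.0.5"),
        ("servername.privatelink.database.windows.net", "10.236.0.5"),
        ("10.236.0.5", "10.236.0.5"),
        ("servername.database.windows.net", "203.0.113.10"),
    ]
    for name, ip in samples:
        print(f"{name:45} {ip:15} {diagnose(name, ip)}")
```

The resolved address has to come from the machine or service that actually opens the connection; a lookup from one host says nothing about how another resolves the same name.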

