I've an application that uses WebAPI in .Net core 6 and uses Kestrel server. When calling HttpPost request, the code tries to inject data in DB but fails with error:
The certificate chain was issued by an authority that is not trusted.
Inner exception: A connection was successfully established with the server, but then an error occurred during the login process
The obvious resolution is to inject TrustServerCertificate=True in the connection string. But this is a security risk as it can trust invalid certificate.
I'm using Dapper package to communicate with Sql server database.
After investigation, I found that this happens when I refer Microsoft.Data.SqlClient package. If I replace with System.Data.SqlClient package, above error occurs no more and I don't have to inject TrustServerCertificate flag.
1) Can anyone let me know why this error is raised when I refer Microsoft.Data.SqlClient?
2) Which package (System.Data.SqlClient or Microsoft.Data.SqlClient) is recommended for the new development (i.e. .Net 6 and Kestrel)