We often receive cases where our customers want to connect to their Azure SQL Database servers using the Private Endpoint IP instead of the Azure SQL DB FQDN.
Two main errors you could face:
- Error 40532: Cannot open server "xxx.xxx.xxx.xxx" requested by the login. The login failed. (Microsoft SQL Server, Error: 40532)
- A connection was successfully established with the server, but then an error occurred during the login process. (provider: SSL Provider, error: 0 - The target principal name is incorrect.) (Microsoft SQL Server, Error: -2146893022)
In this article we explain why these errors occur and how to mitigate them.
Regarding error 40532:
- In this situation, we need to change the user name to username@servername, in order to indicate which server you want to connect to. Otherwise, the Azure SQL Database Gateway is not able to find the real node to connect to. Please remember that using an IP is not a recommended option and the FQDN is the best option. You have other alternatives such as custom DNS, the local hosts file, etc.
Regarding the error: A connection was successfully established with the server, but then an error occurred during the login process. (provider: SSL Provider, error: 0 - The target principal name is incorrect.) (Microsoft SQL Server, Error: -2146893022):
- This happens because it is not possible to validate the certificate used to encrypt the data between Azure SQL DB and the application. In this situation, we need to enable Trust Server Certificate to bypass the validation, but this option is not recommended in terms of security.
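A small audit of connection strings for the two patterns described above, as an added example that is not part of the original article: it flags an IP address used as the server, a login without @servername (the error 40532 case), and Trust Server Certificate being enabled. The server name, IP address and logins are constructed placeholders, and the parser assumes simple `Key=Value;` strings without quoted values.

```python
import ipaddress

# Keyword aliases accepted in ADO.NET-style connection strings (lower-cased).
SERVER_KEYS = {"server", "data source", "address", "addr", "network address"}
USER_KEYS = {"user id", "uid", "user"}
TRUST_KEYS = {"trustservercertificate", "trust server certificate"}

def parse(conn_str):
    """Split 'Key=Value;Key=Value' into a dict with lower-cased keys."""
    pairs = (p.split("=", 1) for p in conn_str.split(";") if "=" in p)
    return {k.strip().lower(): v.strip() for k, v in pairs}

def host_of(server):
    """Strip the optional 'tcp:' prefix and ',port' suffix from the server value."""
    host = server.strip()
    if host.lower().startswith("tcp:"):
        host = host[4:]
    return host.split(",", 1)[0].strip()

def is_ip(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False

def audit(conn_str):
    """Return a list of findings for one connection string."""
    kv = parse(conn_str)
    server = next((kv[k] for k in SERVER_KEYS if k in kv), "")
    user = next((kv[k] for k in USER_KEYS if k in kv), "")
    trust = next((kv[k] for k in TRUST_KEYS if k in kv), "false").lower()
    findings = []
    if is_ip(host_of(server)):
        findings.append("server-is-ip")            # the FQDN is the recommended target
        if "@" not in user:
            findings.append("expect-error-40532")  # gateway cannot tell which server is meant
    if trust in ("true", "yes"):
        findings.append("certificate-validation-disabled")
    return findings

# Constructed samples; server name, IP and credentials are placeholders.
SAMPLES = [
    "Server=tcp:10.0.0.5,1433;User ID=appuser;Password=<pw>;Encrypt=True",
    "Server=tcp:10.0.0.5,1433;User ID=appuser@myserver;Password=<pw>;Encrypt=True;TrustServerCertificate=True",
    "Server=tcp:myserver.database.windows.net,1433;User ID=appuser;Password=<pw>;Encrypt=True",
]

if __name__ == "__main__":
    for s in SAMPLES:
        print(audit(s) or ["ok"], "<-", s)
```

The third sample, which uses the FQDN, produces no findings; resolving that FQDN to the private endpoint IP through custom DNS or the hosts file keeps the connection on the private endpoint without either workaround.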
Enjoy!
Updated Dec 16, 2022
Version 1.0
Jose_Manuel_Jurado
Microsoft
Azure Database Support Blog