Fixing the “Certificate Chain Was Issued by an Untrusted Authority” Error During Sitecore Installation

I recently ran into a strange issue while setting up Sitecore locally. Everything was working fine until the installation reached the SQL setup step. At that moment, the installer threw this error:



“The certificate chain was issued by an authority that is not trusted.”

If you’ve seen this error, you know how annoying it is. The installation stops right there, and nothing moves forward.

After digging into the logs and comparing setups, I figured out what was actually going wrong and how to fix it cleanly. Sharing it here so the next person doesn’t have to spend an hour chasing it down.

Why the Error Happens

When Sitecore installs, it runs a bunch of SQL scripts using Invoke-Sqlcmd.
Newer SQL Server versions (especially SQL Server 2022) expect a properly trusted SSL certificate for the connection. But the certificates created during Sitecore setup are self-signed, and SQL simply doesn’t trust them.

Because of that, SQL rejects the connection and Sitecore fails to create the required databases.

How to Fix It

The fix is surprisingly simple once you know where to look.

Step 1: Open the Installation JSON Files

Update these two files in your install package:

  • xconnect-xp0.json

  • sitecore-xp0.json (not always needed, but good to check)

Step 2: Search for All InvokeSqlcmd Entries

You’ll usually find multiple blocks like this:

"Type": "InvokeSqlcmd"

Step 3: Add This Line Inside "Params"

Just add this:

"TrustServerCertificate": true,

Your updated block will look something like:

"Params": {
  "ServerInstance": "[parameter('SqlServer')]",
  "Credential": "[variable('Sql.Credential')]",
  "TrustServerCertificate": true,
  ...
}

Step 4: Clean Up SQL (Important)

If the previous installation attempt created any partial databases, delete them before running the installer again.

Why This Works

By enabling TrustServerCertificate, you’re telling SQL:

“Yes, I know the certificate is self-signed, and that’s fine. Let’s proceed.”

For local environments, this is completely acceptable and avoids the installation from breaking midway.

A Quick Note About Production

This workaround is only meant for local or development setups.
Do not use TrustServerCertificate=true in production environments.
Production should always use proper CA-issued certificates and validated encryption.

Final Thoughts

This tiny JSON tweak completely solved the certificate chain issue for me, and after applying it, the Sitecore installation ran without any further problems.

If you're setting up Sitecore on a machine with newer SQL versions, there’s a high chance you’ll run into this—so hopefully this saves you some time.


Comments

Post a Comment

Popular posts from this blog

Sitecore Headless: Patch Serialization Depth to Fix Broken JSON

Fixing Deep JSON References in Sitecore Layout Service While working with headless Sitecore applications, you might notice that some deeply nested components or referenced items show up in the Layout Service JSON response as "Sitecore.Data.Items.Item" or just as string references . This usually happens when the rendering tree or field references go beyond the default serialization depth limit. The Layout Service stops serializing full item data after a certain level and instead outputs a string representation. Good news: Sitecore allows you to configure how deep the Layout Service should go using the serializationMaxDepth setting. When Do You Need This? If your components include: Multiple multilist or dropdown fields References to content that itself has references (e.g. images, metadata) Recursive data structures like mega menus, category trees, etc. ... then you may encounter partial or string-based output in your JSON. Solution: Patch the Max ...
Read more

Sitecore Search Facets Not Showing More Than 10 Values? Here’s the Fix.

Image
 While working on our website’s search experience, we ran into an interesting limitation: Facet values were capped at 10 , even though the underlying content clearly had many more categories/tags. If you're using Sitecore Search (previously Sitecore Search & Discover) , this is actually expected — and the good news is that it's fully configurable. Here’s the breakdown of what’s happening and how you can fix it. Sitecore Search applies a default limit of 10 facet values for performance reasons. This means even if your index contains 30+ values for a facet like: Product Categories Brands Regions Tags …the API still returns only 10 facet values unless explicitly configured otherwise.  Why Sitecore Search Does This Sitecore Search is designed for speed. Returning all facet values by default can: Increase payload size Slow down the UI response Affect ranking calculations So the platform uses a safe default — and leaves it to you to raise the lim...
Read more