Fix | Skip the CRL check during authenticaiton

.editorconfig

@@ -166,3 +166,7 @@ dotnet_code_quality.ca1802.api_surface = private, internal
 
 [*.cs]
 dotnet_code_quality.CA2100.excluded_type_names_with_derived_types = Microsoft.Data.SqlClient.ManualTesting.Tests.*
+[*.cs]
+dotnet_code_quality.CA2000.excluded_type_names_with_derived_types = Microsoft.Cci.* | Microsoft.Cci.Extensions.* | Microsoft.Cci.Writers.Syntax.*
+[*.cs]
+dotnet_code_quality.excluded_type_names_with_derived_types = Microsoft.Cci.* | Microsoft.Cci.Extensions.* | Microsoft.Cci.Writers.Syntax.*

src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/SNI/SNINpHandle.cs

@@ -312,7 +312,7 @@ public override uint EnableSsl(uint options)
                 _validateCert = (options & TdsEnums.SNI_SSL_VALIDATE_CERTIFICATE) != 0;
                 try
                 {
-                    _sslStream.AuthenticateAsClient(_targetServer, null, SupportedProtocols, true);
+                    _sslStream.AuthenticateAsClient(_targetServer, null, SupportedProtocols, false);
                     _sslOverTdsStream.FinishHandshake();
                 }
                 catch (AuthenticationException aue)

src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/SNI/SNITcpHandle.cs

@@ -578,27 +578,29 @@ private static async void ParallelConnectHelper(
         /// </summary>
         public override uint EnableSsl(uint options)
         {
-            _validateCert = (options & TdsEnums.SNI_SSL_VALIDATE_CERTIFICATE) != 0;
-
-            try
-            {
-                _sslStream.AuthenticateAsClient(_targetServer, null, SupportedProtocols, true);
-                _sslOverTdsStream.FinishHandshake();
-            }
-            catch (AuthenticationException aue)
+            using (TrySNIEventScope.Create(nameof(SNIHandle)))
             {
-                SqlClientEventSource.Log.TrySNITraceEvent(nameof(SNITCPHandle), EventType.ERR, "Connection Id {0}, Authentication exception occurred: {1}", args0: _connectionId, args1: aue?.Message);
-                return ReportTcpSNIError(aue, SNIError.CertificateValidationErrorCode);
-            }
-            catch (InvalidOperationException ioe)
-            {
-                SqlClientEventSource.Log.TrySNITraceEvent(nameof(SNITCPHandle), EventType.ERR, "Connection Id {0}, Invalid Operation Exception occurred: {1}", args0: _connectionId, args1: ioe?.Message);
-                return ReportTcpSNIError(ioe);
-            }
+                _validateCert = (options & TdsEnums.SNI_SSL_VALIDATE_CERTIFICATE) != 0;
+                try
+                {
+                    _sslStream.AuthenticateAsClient(_targetServer, null, SupportedProtocols, false);
+                    _sslOverTdsStream.FinishHandshake();
+                }
+                catch (AuthenticationException aue)
+                {
+                    SqlClientEventSource.Log.TrySNITraceEvent(nameof(SNITCPHandle), EventType.ERR, "Connection Id {0}, Authentication exception occurred: {1}", args0: _connectionId, args1: aue?.Message);
+                    return ReportTcpSNIError(aue, SNIError.CertificateValidationErrorCode);
+                }
+                catch (InvalidOperationException ioe)
+                {
+                    SqlClientEventSource.Log.TrySNITraceEvent(nameof(SNITCPHandle), EventType.ERR, "Connection Id {0}, Invalid Operation Exception occurred: {1}", args0: _connectionId, args1: ioe?.Message);
+                    return ReportTcpSNIError(ioe);
+                }
 
-            _stream = _sslStream;
-            SqlClientEventSource.Log.TrySNITraceEvent(nameof(SNITCPHandle), EventType.INFO, "Connection Id {0}, SSL enabled successfully.", args0: _connectionId);
-            return TdsEnums.SNI_SUCCESS;
+                _stream = _sslStream;
+                SqlClientEventSource.Log.TrySNITraceEvent(nameof(SNITCPHandle), EventType.INFO, "Connection Id {0}, SSL enabled successfully.", args0: _connectionId);
+                return TdsEnums.SNI_SUCCESS;
+            }
         }
 
         /// <summary>