From 4dbaeee08d7a0753c5ab6737e2050841160000bd Mon Sep 17 00:00:00 2001
From: machavan <machavan@microsoft.com>
Date: Fri, 7 Feb 2025 11:07:59 +0530
Subject: [PATCH] Set appropriate value to requestedEncryptionLevel for
 encrypt=STRICT

---
 .../com/microsoft/sqlserver/jdbc/SQLServerConnection.java   | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/src/main/java/com/microsoft/sqlserver/jdbc/SQLServerConnection.java b/src/main/java/com/microsoft/sqlserver/jdbc/SQLServerConnection.java
index f5e6bc317..c5d8a8a8e 100644
--- a/src/main/java/com/microsoft/sqlserver/jdbc/SQLServerConnection.java
+++ b/src/main/java/com/microsoft/sqlserver/jdbc/SQLServerConnection.java
@@ -4147,7 +4147,11 @@ void prelogin(String serverName, int portNumber) throws SQLServerException {
         final byte fedAuthOffset;
         if (fedAuthRequiredByUser) {
             messageLength = TDS.B_PRELOGIN_MESSAGE_LENGTH_WITH_FEDAUTH;
-            requestedEncryptionLevel = TDS.ENCRYPT_ON;
+            if (encryptOption.compareToIgnoreCase(EncryptOption.STRICT.toString()) == 0) {
+                requestedEncryptionLevel = TDS.ENCRYPT_NOT_SUP;
+            } else {
+                requestedEncryptionLevel = TDS.ENCRYPT_ON;
+            }
 
             // since we added one more line for prelogin option with fedauth,
             // we also needed to modify the offsets above, by adding 5 to each offset,