can you try the following connection parameters? authentication=SqlPassword&encrypt=false
Same error.
LOL… Our CFO wants to review the program again. What are the odds of this working with SQL 2016 again? 
OK.. Thought I’d comb some java configs. Fixed it by editing java.security for version 21 in /usr/lib/jvm/.
security-libs/javax.net.ssl
➜ Disabled SHA-1 in TLS 1.2 and DTLS 1.2 Handshake Signatures(JDK-8340321)
The SHA-1 algorithm has been disabled by default in TLS 1.2 and DTLS 1.2 handshake signatures, by adding "rsa_pkcs1_sha1 usage HandshakeSignature, ecdsa_sha1 usage HandshakeSignature, dsa_sha1 usage HandshakeSignature" to the jdk.tls.disabledAlgorithms security property in the java.security config file. RFC 9155 deprecates the use of SHA-1 in TLS 1.2 and DTLS 1.2 digital signatures. Users can, at their own risk, re-enable the SHA-1 algorithm in TLS 1.2 and DTLS 1.2 handshake signatures by removing "rsa_pkcs1_sha1 usage HandshakeSignature, ecdsa_sha1 usage HandshakeSignature, dsa_sha1 usage HandshakeSignature" from the jdk.tls.disabledAlgorithms security property.
Disabling worked.
Hm. Your SQL Server install must be running with a non-standard TLS config then. Why isn’t SHA-256 enabled? It is by default on new installs. I would review that as it could be compromising the security of your database connections.
Not sure. Might have been the Vendor application requirements. Could have been the shady contractors that did the upgrades and dev for their own application connections. I’m not much of a db guy, but hate not knowing what was done to ‘make things work’.
The debug information states that the certificate is untrusted, as follows:
"unable to find valid certification path to requested target"
I have read your subsequent posts, and I suspect your OS is Ubuntu 24.04 LTS or later, or something close to it.
Unfortunately, I am not very familiar with Ubuntu, but
Recent operating systems often disable SHA1 by default.
While enabling SHA1 on an OS with Metabase implemented might allow it to work normally, it is generally not recommended due to the significant security vulnerability.
Re-implementing it with AES256 or similar would be the best solution.
If you can create a clone of the SQL server, how about changing the encryption method of the SQL server's certificate?
I re-enabled the Java aspect for SHA1 only via it’s config, not the entire OS. It is on an Ubuntu server - same server the older version worked on before too prior to update.
I don’t think cloning would be an option due to a separate application that connects to it. I don’t know what their settings would be in order to ensure it’s functionality. It is an older server too - which is a bigger issue that the company doesn’t seem to be in a hurry to update (typical ERP woes… ).
holy thanks, got same problem when upgrading metabase. got error when connecting old SQL server.
As I only using metabase in docker, i just modify /opt/java/openjdk/conf/security/java.security and edit jdk.tls.disabledAlgorithms.
the right way is i think to upgrade sql server, but its not in my control and the probability for upgrade maybe in many year from now 
I know how you feel about the SQL upgrade needs…