SQL Server Management Studio 20 New Features and Functionality

By:   |   Updated: 2024-05-27   |   Comments (1)   |   Related: > SQL Server Management Studio


Microsoft released a major version upgrade to SQL Server Management Studio (SSMS), version 20. What are the changes, and how does it impact users working with SQL Server? Let's explore this in this article.


SSMS v20 was released on March 19, 2024. It is a standalone client tool for Windows and Linux SQL Server instances that significantly enhances user experience and security for database professionals.

You can download the SSMS v20 General Availability release (GA) from Microsoft Docs.

Current SSMS release

Click on the downloaded SSMS-Setup-ENU.exe to install SSMS. The installation looks like previous SSMS versions except for one change. Previously, Azure Data Studio (ADS) was also installed with SSMS 18 and 19 installations. There was no GUI option to uncheck the ADS installation. The only option was to install SSMS with the command line using the flag DoNotInstallAzureDataStudio=1.

SSMS-Setup-ENU.exe /Passive DoNotInstallAzureDataStudio=1

However, many people did not want to install ADS or SSMS. Therefore, Microsoft removed the ADS installation with SSMS v20. You need to download and install Azure Data Studio separately if you require it.


Note: SSMS 20 is a separate installation from SSMS 18 or 19. You can use both SSMS 19 and 20 on the same server.

Let's talk about the SSMS v20 changes.

Version/Name Change

As shown below, previous versions are named Microsoft SQL Server Management Studio <version>. However, the latest GA has been renamed SQL Server Management Studio 20.

renamed SQL Server Management Studio 20

SSMS 20 components and versions are listed below.

SSMS 20 component and their versions

Security and Connection Changes

Look at the login and connection properties tabs below comparing SSMS 19 and 20.

connections logins and connection pages of SSMS 19 and 20
connections logins and connection pages of SSMS 19 and 20

Changes from SSMS 19 to SSMS 20

  • SSMS 19 and earlier versions have two checkboxes in the connection properties:  Encrypt Connection and Trust Server Certificate.
  • SSMS 20 removed the encryption options from the Connection Properties tab and added a Connection Security section on the Login tab.
  • Additionally, SSMS 20 renames Encrypt Connection to Encryption.  SSMS 20 includes three encryption values: Optional, Mandatory, and Strict.
  • The Trust Server Certificate has also been moved from the Connection Properties tab to the Logins tab.

Encryption Options in SSMS 20

The SSMS 20 Encryption dropdown has three options:

  • Optional
  • Mandatory
  • Strict


By default, the SQL Server connection is not encrypted if you do not check the Encrypt Connection in SSMS 19 or earlier. SSMS 20 uses the value Optional for non-encrypted connections.


Mandatory is like checking the Encrypt Connection box in SSMS v19 or earlier. It is the default value for any connections. Therefore, if you do not have a valid, trusted certificate on your SQL instance, you get the following error:

Connection error

With the Optional and Mandatory Encryption, you can put a check on the Trust Server Certificate. However, it disables the text box for placing the hostname in the certificate. If you have a self-signed certificate, you must check the Trust Server Certificate for the mandatory Encryption.

Trust server certificate


Strict Encryption is a new feature for SQL Server 2022 onwards. You must configure a TLS certificate (signed by the trusted root authority) for this Encryption in the SQL Server instance. In Strict mode, you do not have the option to use a Trust Server Certificate. The Trust Server Certificate option is disabled to prevent man-in-the-middle attacks. The supplied certificate must pass the certificate validation for a successful connection.

By default, SQL Server matches the Common Name (CN) or the Subject Alternate Name (SAN) in the certificate with the server name we specify in the SSMS connection. It might not work for a DNS alias. Therefore, you can provide a hostname (certificate servername) in the SSMS connection - Host name in certificatesection.

The following figure shows how you can put the hostname (certificate ServerName) in the SSMS connection security section.

hostname (certificate ServerName) in the SSMS connection security section

TDS Versions Used

SQL Server uses the following TDS versions with different encryption methods:

  • TDS 8.0 is used for Strict encryption to communicate between the client and the server.
  • For Mandatory Encryption, it uses TDS 7.x with the valid server certificate installed.
  • For Optional, it uses TDS 7.x only if it is required by the SQL Server (Force Encryption = ON in SQL Server Configuration Manager).

Note: You must use Strict Encryption with Azure SQL Database and Azure SQL Managed instance as they support encrypted connections configured with trusted certificates.

Import Settings and Save Connections

Once you launch SSMS 20 for the first time, you can import SSMS user settings and save connections from the MRU list from SSMS 19 and 18.

Import SSMS user settings and save connections from the MRU list from SSMS 19 and 18

Note: If you import the existing SSMS 18 and 19 connections into SSMS 20, they might not connect due to the changes in the encryption (default=mandatory).

However, you can add a Trust Server Certificate for a self-signed certificate to all the imported connections using the following check box - Remember my selection from all connections imported from older versions.

Connection error

Note: Due to improved security measures, this Trust Server Certificate setting cannot be added as a default option for all new SSMS connections.

You can also use SSMS options > SQL Server Object Explorer > Commands and set the connection security from the default Prompt to Always in the Trust Server Certificate for the imported connections, as shown below.

Default Prompt Value:

connection security default

Modified to Always Value:

connection security changed to always

Encryption Method

If you hover your mouse over a query window connection in the status bar, it also shows the encryption method. As shown below, I use mandatory Encryption for the connection below.

mandatory encryption connection

SSMS 20 uses the Transport Layer Security (TLS) 1.3 with Tabular Data Stream TDS 8.0.

SSMS 20 connection authentication includes Microsoft Entra.

connection authentication includes Microsoft Entra

SSMS Roadmap

Microsoft announced their SSMS future roadmap. Here are a few valuable pointers:

  • Microsoft is evaluating AI for SSMS and exploring the SSMS Co-Pilot. You can give suggestions at https://aka.ms/ssms-copilot-feedback.
  • SSMS will be migrating to Visual Studio 2022 shell for the SSMS 21.
  • Currently, SSMS uses different setups for different languages. SSMS 21 is integrating all of them into a single installer.
  • Azure Data Studio is famous for extensions that enhance the ADS features as per user requirements. With the SSMS move to Visual Studio shell, extensions can also play a significant role in SSMS.
Next Steps
  • Explore the SSMS 20 changes for encrypt connections and be familiar with them before using them daily.
  • Go through the SSMS 20 release notes for detailed information.
  • Read about TDS 8.0 and how it uses Strict Encryption.

sql server categories

sql server webinars

subscribe to mssqltips

sql server tutorials

sql server white papers

next tip

About the author
MSSQLTips author Rajendra Gupta Rajendra Gupta is a Consultant DBA with 14+ years of extensive experience in database administration including large critical OLAP, OLTP, Reporting and SharePoint databases.

This author pledges the content of this article is based on professional experience and not AI generated.

View all my tips

Article Last Updated: 2024-05-27

Comments For This Article

Tuesday, May 28, 2024 - 10:02:56 AM - David Wade Back To Top (92270)
Thanks for putting this summary together!

get free sql tips
agree to terms