For Question 1,

Microsoft.Data.SqlClient enforces stricter security defaults compared to System.Data.SqlClient.

System.Data.SqlClient silently skips some SSL/TLS validation scenarios while Microsoft.Data.SqlClient requires trusted certificates by default, and if your SQL Server is using a self-signed or internal certificate that isn’t trusted by your client machine, it throws exactly this error.

For Question 2, Add TrustServerCertificate=true; in your connection string.