During the upgrade from 14.4 to 14.5, the installed instructed to perform the following:

Database update for IG failed
Please open another shell and run the "populateIgDatabase" command in order to complete the update of Identity Governance tables
Once the operation completed successfully - respond with "Y" to the question below:
[INFO] Populating IG database structure on the external database
[ERROR] Operation failed with error #21

XXXXXXXXXXXXXXXXXXXXXXXXX populateIgDatabases /opt/CA/VirtualAppliance/scripts/.webapp/DB_Utils/IG_auto_create_db/build.xml.FINAL:44: com.microsoft.sqlserver.jdbc.SQLServerException: The driver could not establish a secure connection to SQL Server by using Secure Sockets Layer (SSL) encryption. Error: "Failed to validate the server name "10.10.10.100"in a certificate during Secure Sockets Layer (SSL) initialization. Name in certificate "XXXXXXXXXXXXXXXXXXXXXXXXX"". ClientConnectionId:f980XXXX-XXXX-XXXX-XXXX-XXXXX348ec0

The Microsoft SQL JDBC Driver was upgraded to mssql-jdbc-11.2.0.

https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/identity-governance/14-5/release-notes/Release-Features-and-Enhancements.html#concept.dita_f446a63d-45e5-4eca-ae15-80c8ecc73f0a_JDBC

There are two ways to resolve this issue.

1 (Preferred/Recommended) - Update the database connection string to use FQDN instead of IP.

To perform these steps, Open the VAPP management console > Setup > Scroll Down to External Database > Edit > Update all IG Connection URL's.

From:
jdbc:sqlserver://<IPaddress>:1433;databaseName=CAIG_Ticket_DB

TO:
jdbc:sqlserver://<FQDN>:1433;databaseName=CAIG_Ticket_DB

2 - Add encrypt=false;trustServerCertificate=true

To perform these steps, Open the VAPP management console > Setup > Scroll Down to External Database > Edit > Update all IG Connection URL's.

From:
jdbc:sqlserver://<IPaddress>:1433;databaseName=CAIG_Ticket_DB

TO:
jdbc:sqlserver://<IPaddress>:1433;databaseName=CAIG_Ticket_DB;encrypt=false;trustServerCertificate=true

Important Note:

When TrustServerCertificate=true is used in the connection string, the connection process skips the trust chain validation. In this case, the application connects even if the certificate can't be verified.

https://learn.microsoft.com/en-us/dotnet/framework/data/adonet/connection-string-syntax

Starting from version 4.0, the default value of the property Encrypt is set to true while it is false for earlier versions. It could be possible that due to this value changing Encrypt back to false will resolve this issue.

It is recommended to first try troubleshooting the error by changing IP to FQDN and troubleshooting any certificate matching issues before setting encrypt = false.

These settings are advised for non-TLS communication scenarios only.

https://learn.microsoft.com/en-us/dotnet/api/microsoft.data.sqlclient.sqlconnectionstringbuilder.encrypt?view=sqlclient-dotnet-standard-5.1