Keep in mind that if a domain user account is used for the database services, the SPN (Service Principal Name) has to be set for a secure Kerberos authentication.
More information can be found in the Microsoft documentation:
https://docs.microsoft.com/en-us/sql/database-engine/configure-windows/register-a-service-principal-name-for-kerberos-connections?view=sql-server-2017: new window
Run setspn –A MSSQLSvc/<FQDN>:<PORT> <SQL Service Account> as a domain administrator. If a service principal name is not set incoming Microsoft SQL Server connections will be authenticated using NTLM instead of Kerberos authentication.
setspn -A MSSQLSvc/server08.comp.com SQLSrv
Run setspn -L <SQL Service Account> to list all the SPNs that are registered to the domain user account who runs the instance of Microsoft SQL Server.
setspn –L SQLSrv