In order to implement TLS encryption of data in transit between an SQL Server database and a client workstation, is this achieved by:

1) Installing an SSL/TLS certificate on the machine hosting the SQL Server
2) Attaching the certificate to the SQL Server instance under "Protocols for [INSTANCE_NAME]
3) Giving full control over the certificate to the service account used to start the SQL Server service
4) Installing the same certificate on the client workstation
5) Adding the certificate to the "Trusted Root Certification Authorities" store on both server and client
6) Including "Encrypt=True;" in the connection string

?