Vault with SSL

A collection of information about Vault, including solutions to common problems.

Moderator: SourceGear

Post Reply
Beth
Posts: 8550
Joined: Wed Jun 21, 2006 8:24 pm
Location: SourceGear
Contact:

Vault with SSL

Post by Beth » Mon Apr 03, 2017 9:14 am

To connect a Vault client using SSL extra configuration is required on your IIS Server.

Firstly, an SSL certificate needs to be purchased/generated and bound to the IIS website under which Vault was installed. You can either purchase a certificate from a third party certificate provider, or you can set up your own Certificate Authority Server in your network to create and manage your own certificates.

Microsoft has an overview of how to install certificates on IIS: https://support.microsoft.com/en-us/hel ... ice-in-iis.

Additionally, third party certificate providers provide instructions on how you install their certificates. A few examples can be found at the following URLs.
https://www.digicert.com/ssl-certificat ... -iis-7.htm
https://www.godaddy.com/help/iis-7-inst ... icate-4801

If you wish to set up your own Certificate Authority, you will need to look for specific instructions for the operating system you will set up with (Windows, Linux, etc.). Setting up a Certificate Authority is outside Vault support.

A couple of notes:

+ The default Vault plugins for Find in Files, Notifications, and Shadow Folders are initially installed to use HTTP (not HTTPS with SSL). If a change is made on the Vault Server that restricts network traffic to strictly HTTPS, you will need to modify the URLs used by the Vault Plugins in the Vault Admin Web Tool.

+ In regards to SSL / TLS configuration, Vault 9.1 and previous versions will require IIS to be configured with TLS 1.0/1.1 due to the .NET requirements of the Vault Client. However, starting with Vault 10, SourceGear has a 'Labs' based Vault 10 Client that can connect to the Vault 10 Server using TLS 1.2. This will require require .NET 4.5.2 or higher to be installed on your client machines. Please email support AT sourcegear DOT com if you are interested in obtaining this Vault client.
Beth Kieler
SourceGear Technical Support

Post Reply