Configure the secure connection between Vault clients and the Vault server.
When configuring SSL, you need to determine where you get a certificate for the bindings in IIS. Certificates can be generated as a self-signed certificate in IIS, an internal certificate authority (CA), or a publicly known certificate authority such as Verisign. To learn how to generate a self-signed certificate, see
Create a Self-Signed Certificate.
Note: Your Windows administrator is responsible for creating and importing the certificate into the Windows certificate system, including any intermediate CAs.
Access the Network Settings Tab on the Global Settings Dialog Box
View your network configuration and configure SSL for secure communication on the Network Settings tab of the Global Settings dialog box.
- In the ADMS console, select Tools Administration.
- In the Global Settings dialog box, select the Network Settings tab.
- The Network Settings tab displays a server URL used for connecting to the Vault Client.
The URL includes the following:
- Protocol (http/https)
- Host Name
- Port number - Not visible in the URL if the default port is configured. If the configured port is different from the default port (80), the port number follows the hostname, separated by a colon. For instance, <host name>:81).
- Click the Copy button
to copy the URL to your clipboard.
- An error message is displayed if the local system is unable to establish a connection. Double click on the error message to copy the message to your clipboard.
- Click Settings to configure or modify the network configuration.
Note: With the implementation of new SSL settings to optimize SSL connection, any modification based on legacy configuration is not supported. The Settings button is disabled in this case. If you want to modify your SSL connection while using enhanced SSL functionality, you will have to manually reset your legacy SSL settings. See
Reset Legacy SSL Settings for more information.
Configure Network Settings
In the Network Settings dialog, configure the network settings to access the Vault server.
Access Vault Server over HTTP
- Select HTTP to access the vault server over http.
- Edit the Port number if you want to set a different port for connection. The default port is 80.
Access Vault Server over HTTPS
- Select HTTPS to access the vault server over https.
- Click Certificate to configure SSL with a new certificate.
- In the Select a Certificate dialog, select the SSL certificate from a list of trusted certificates.
Note: Select only one certificate to enable SSL connection. Multiple certificate selection is not allowed.
- Click View Certificate to view the certificate details.
- Select the Host name.
- Edit the Port number if you want to set a different SSL port for connection. The default port is 443.
- Click OK.