| title | Secure a Master Data Manager Web Application | |
|---|---|---|
| description | In SQL Server, you can secure the Master Data Manager web application with HTTPS. You must be an administrator and MDS must be installed on the web server. | |
| author | CordeliaGrey | |
| ms.author | jiwang6 | |
| ms.date | 03/01/2017 | |
| ms.service | sql | |
| ms.subservice | master-data-services | |
| ms.topic | how-to | |
| ms.custom |
|
[!INCLUDE SQL Server Windows Only - ASDBMI]
[!INCLUDE support-notice]
You can secure the [!INCLUDEssMDSmdm] web application with HTTPS.
Note
The [!INCLUDEssMDSmdm] web application can use either HTTP or HTTPS, but not both.
To perform the procedure:
-
You must be an administrator on the web server where [!INCLUDEssMDSmdm] is installed.
-
MDS must be installed on the web server, and a web application must exist. For more information, see Install Master Data Services and Create a Master Data Manager Web Application (Master Data Services).
-
IIS Extended Protection for Windows authentication should not be enabled.
-
Configure the web server to listen on all available IP addresses. Do not configure the Web server to listen on a specific IP address.
-
After you have confirmed that the [!INCLUDEssMDSmdm] web application is configured correctly with HTTP, create a certificate in IIS. For more information, see Configuring Server Certificates in IIS 7.
-
In the Connections pane, under Sites, click the site that hosts the [!INCLUDEssMDSmdm] web application.
-
In the Actions pane, click Bindings.
-
Click Add.
-
From the list, select https.
-
Select the TLS/SSL certificate.
-
Click OK.
-
Optional. To remove HTTP so that users can access the site with HTTPS only, from the list, click the row with http. Click Remove and on the confirmation dialog box, click Yes.
[!IMPORTANT]
You must change basicHttp and wsHttpBinding configurations after removing HTTP. -
To close the Site Bindings dialog box, click Close.
-
Now open the web.config file from drive:\Program Files\Microsoft SQL Server\130\Master Data Services\WebApplication.
-
Find the string
<security mode="Message">and change it to<security mode="Transport">. -
Change
<serviceMetadata httpGetEnable="true" httpsGetEnabled="false">to<serviceMetadata httpGetEnable="false" httpsGetEnabled="true">to prevent issues that may appear in the Silverlight client. -
Save and close the file. If you get an error, it could be because you have UAC enabled. Users should now be able to use HTTPS to access the site.
Create a Master Data Manager Web Application (Master Data Services)