Self-hosting

Connect to an External MSSQL Database

By default, self-hosted instances of Bitwarden will use a Microsoft SQL Server (MSSQL) database created as a normal part of installation setup, however you configure Bitwarden to use an external MSSQL database.

note

Currently, self-hosted installations of Bitwarden support only MSSQL 2017 (or newer) databases. Stay tuned for future updates on this topic.

Setup

To setup your self-hosted instance with an external database:

  1. Create a new MSSQL database named vault.

    warning

    You must use vault as your database name. A different database name will cause migration to fail.

  2. (Recommended) Create a dedicated DBO for your vault database.

  3. As an administrator of your Bitwarden server, open the global.override.env file in an editor:

    nano bwdata/env/global.override.env
    Text Copied!
  4. Edit the globalSettings__sqlServer__connectionString= value for the following information:

    • Replace "Data Source=tcp:mssql,1443"; with your MSSQL server name, for example "Data Source=protocol:server_url,port".

    • Replace User ID=sa; with your DBO User ID.

    • Replace Password=<default_pw>; with your DBO password.

  5. Save your changes to global.override.env.

  6. Start Bitwarden (./bitwarden.sh start).

Once the above steps are complete, you can test the connection by creating a new user through the web vault and querying the external vault database for creation of the new user.

Validate a server certificate

If you need Bitwarden to validate your MSSQL database server's certificate, mount the certificate into your self-hosted Bitwarden server's containers. To do this:

  1. Copy your root CA certificate into ./bwdata/ca-certificates.

  2. Run the ./bitwarden.sh restart command to apply the certificate to your containers and restart your server.



© 2023 Bitwarden, Inc.
TermsPrivacySitemap