Connect to an External MSSQL Database

By default, self-hosted instances of Bitwarden will use a Microsoft SQL Server (MSSQL) database created as a normal part of installation setup, however you configure Bitwarden to use an external MSSQL database.

To setup your self-hosted instance with an external database:

1. Create a new MSSQL database named vault.

   warning

   You must use vault as your database name. A different database name will cause migration to fail.

2. (Recommended) Create a dedicated DBO for your vault database.

3. As an administrator of your Bitwarden server, open the global.override.env file in an editor:

   nano bwdata/env/global.override.env

4. Edit the globalSettings__sqlServer__connectionString= value for the following information:

   • Replace "Data Source=tcp:mssql,1443"; with your MSSQL server name, for example "Data Source=protocol:server_url,port".

   • Replace User ID=sa; with your DBO User ID.

   • Replace Password=<default_pw>; with your DBO password.

5. Save your changes to global.override.env.

6. Start Bitwarden (./bitwarden.sh start).

Once the above steps are complete, you can test the connection by creating a new user through the web vault and querying the external vault database for creation of the new user.

If you need Bitwarden to validate your MSSQL database server's certificate, mount the certificate into your self-hosted Bitwarden server's containers. To do this:

1. Copy your root CA certificate into ./bwdata/ca-certificates.

2. Run the ./bitwarden.sh restart command to apply the certificate to your containers and restart your server.