Connect to an External MSSQL Database
By default, self-hosted instances of Bitwarden will use a Microsoft SQL Server (MSSQL) database created as a normal part of installation setup, however you configure Bitwarden to use an external MSSQL database.
note
Currently, self-hosted installations of Bitwarden support only MSSQL 2017 (or newer) databases. Stay tuned for future updates on this topic.
To setup your self-hosted instance with an external database:
Create a new MSSQL database named
vault
.warning
You must use
vault
as your database name. A different database name will cause migration to fail.(Recommended) Create a dedicated DBO for your
vault
database.As an administrator of your Bitwarden server, open the
global.override.env
file in an editor:nano bwdata/env/global.override.env
Text Copied!Edit the
globalSettings__sqlServer__connectionString=
value for the following information:Replace
"Data Source=tcp:mssql,1443";
with your MSSQL server name, for example"Data Source=protocol:server_url,port"
.Replace
User ID=sa;
with your DBO User ID.Replace
Password=<default_pw>;
with your DBO password.
Save your changes to
global.override.env
.Start Bitwarden (
./bitwarden.sh start
).
Once the above steps are complete, you can test the connection by creating a new user through the web vault and querying the external vault
database for creation of the new user.
If you need Bitwarden to validate your MSSQL database server's certificate, mount the certificate into your self-hosted Bitwarden server's containers. To do this:
Copy your root CA certificate into
./bwdata/ca-certificates
.Run the
./bitwarden.sh restart
command to apply the certificate to your containers and restart your server.