Enterprise Vault™ Requesting and Applying an SSL Certificate

Last Published:
Product(s): Enterprise Vault (14.1, 14.0, 12.5, 12.4, 12.3)

Securing Enterprise Vault web-based communication

The procedure in this section is required only if you want to secure all connections to all Enterprise Vault web applications in IIS from now on. In particular, the procedure secures all new archive and restore actions, and all search requests. If you do not require this additional configuration, do not follow the procedure.

Effect on existing shortcuts

If you follow all the steps in the procedure, note that existing shortcuts of the following types are not updated with the HTTPS/SSL request path and will no longer work:

  • Customized shortcuts

  • File System Archiving (FSA) shortcuts

  • SharePoint shortcuts

You may therefore want to follow the procedure in two stages when you change from HTTP to HTTPS, as follows:

  • Run steps 1 to 3 to change the Enterprise Vault site properties so that new shortcuts are created with an HTTPS URL. You must also run step 6 to synchronize mailboxes.

  • When existing HTTP shortcuts have expired, run steps 4 and 5 to require SSL and turn off HTTP support. The policy settings for your Enterprise Vault site control the timing of shortcut expiry.

Additional steps for FSA Reporting

If the Enterprise Vault site uses FSA Reporting, you must perform some additional steps on each Enterprise Vault server and on each file server in the site. Otherwise the status of FSA Reporting is shown as Off in the Administration Console. For details of the additional steps, see "Customizing the port or protocol for the Enterprise Vault Web Access application" in the Enterprise Vault Administrator's Guide.

To secure web-based communication

  1. Open the Enterprise Vault Administration Console on one Enterprise Vault server, and open the Site Properties.
  2. On the General tab, select Use HTTPS on SSL Port and specify port 443. When you make the selection, the following warning appears:
  3. To continue with the change, click OK on the warning and then click OK on the Site Properties.

    Note:

    Before you continue with steps 4 and 5, make sure you have read Effect on existing shortcuts and considered the option to follow this procedure in two stages.

  4. Open IIS Manager on each Enterprise Vault server to which a certificate has been applied. Select Default Web Site. Then under IIS, open the SSL Settings feature.
  5. Select Require SSL, then click Apply and OK.
  6. Synchronize all mailboxes that are enabled for Enterprise Vault for these updates to take effect.

    Note:

    Until you complete this step, existing Enterprise Vault users may not be able to access Enterprise Vault facilities.

    For information on synchronizing mailboxes, see the Enterprise Vault documentation.