Creating a Microsoft SQL Server Secret

  1. From the Cryptographic Security Platform Vault for Secrets webGUI, select Manage > Manage Boxes.

  2. On the Manage Boxes page, select the box where you want to create a secret.

  3. On the Box page, in the Secrets region, click Add.

  4. In the Choose a type of secret to create dialog box, select Microsoft SQL Server.

  5. On the About page of the Create Secret: Microsoft SQL Server wizard, complete the following: 

    Option Description
    Name

    Enter the name to use for the secret.

    Description Enter the optional description for the secret.

    Is a Master Secret? 

    Master secrets are secrets that can be referenced by other secrets. They are primarily used to manage credentials for other systems.

    Check the checkbox if this secret will be used as a master secret.

    Expires

    Select one of the following: 

    • Use Box Setting—Accepts the global box value. This is the default.

    • No Expiration—The secret does not expire.

    • Specific Date and Time—Allows you to set the specific date and time for the secret to expire.
  6. Click Continue.

  7. On the Secret Details page of the Create Secret: Microsoft SQL Server wizard, complete the following: 

    Option Description
    Server Enter the hostname or IP address for the server.
    User Name Enter the user name used to log into the server.

    Password

    		 Enter the password for the server.

    Authentication Type

    Enter the authentication type that you want to use. This can be one of the following: 

    • SQL Server—Uses the name and password stored in MS SQL Server.

    • Contained Database—Uses database-specific users with passwords, independent of server login.

    Port

    		 Enter the port used for the server.

    Database

    		 If you selected Contained Database for the authentication type, enter the database name.

    Trust Server Certificate

    		 Check the checkbox if you want to trust this server's certificate. We recommend that you do not use this for production environments.

    Encrypt

    Choose how you want to encrypt this server. This can be one of the following: 

    • Yes

    • No

    • Optional

    • Strict

    Server Certificate

    Click Add Certificate to paste the server certificate to use while connecting.

  8. Click Continue.

  9. On the Checkout Details page of the Create Secret: Microsoft SQL Server wizard, complete the following:

    Option Description

    Checkout Duration

    How long the secret is checked out.

    • Use Box Setting—Use the duration set when creating the box. This is the default.

    • Duration—Enter a duration in days, minutes, or hours. This value will overwrite the box settings.

    Exclusive Checkout

    If enabled, then the secret checkout will be exclusive and only one user can check out the secret at a time. Users must wait for the checkout duration to expire or must manually delete the lease to make the secret available for new checkouts.

    • Use Box Setting—Use the value that was set when creating the box. This is the default.

    • Yes—If set to Yes, the secrets checkout will be exclusive.

    • No—If set to No, multiple users can checkout the secret at the same time.

  10. Click Continue.

  11. On the Rotation Details page of the Create Secret: Microsoft SQL Server wizard, complete the following:

    Option Description

    Rotation Duration

    Sets the duration for this secret to be rotated.

    • Use Box Setting—Use the duration set when creating the box. This is the default.

    • Duration—Enter a duration in days, minutes, or hours. This value will overwrite the box settings.

    Rotate on Check In

    If enabled, the secret will automatically rotate when checked in. This requires that the checkout duration is set.

    • Use Box Setting—Use the value that was set when creating the box. This is the default.

    • Yes—If set to Yes, the secret will be rotated when it is checked in.

    • No—If set to No, the secret will not be rotated when it is checked in.

    Force Rotation

    If selected, this forces the rotation of all secrets in the box. If Rotation Duration and Force Rotation are both checked, the secret will be rotated even if there are outstanding leases. If Rotate on Check In and Force Rotation are both checked, the secret will rotate when the checkout expires.

    • Use Box Setting—Use the value that was set when creating the box. This is the default.

    • Yes—If set to Yes, this forces the secret to rotate.

    • No—If set to No, the secret will not rotate.
  12. Click Continue.

  13. On the Master Secret page of the Create Secret: Microsoft SQL Server wizard, if you are using a master secret to rotate this secret, complete the following: 

    Option Description

    Box

    Select the box that contains the master secret that you want to use.

    Secret

    Select the name of the master secret that is used to rotate this secret.

  14. Click Create.