Secure a Master Data Manager Web Application
Applies To: SQL Server 2016 Preview
You can secure the Master Data Services web application with HTTPS.
The Master Data Services web application can use either HTTP or HTTPS, but not both.
To perform the procedure:
You must be an administrator on the web server where Master Data Services is installed.
MDS must be installed on the web server, and a web application must exist. For more information, see Install Master Data Services and Create a Master Data Manager Web Application (Master Data Services).
To secure the Master Data Manager web application with HTTPS
After you have confirmed that the Master Data Services web application is configured correctly with HTTP, create a certificate in IIS. For more information, see Configuring Server Certificates in IIS 7.
In the Connections pane, under Sites, click the site that hosts the Master Data Services web application.
In the Actions pane, click Bindings.
From the list, select https.
Select the SSL certificate.
Optional. To remove HTTP so that users can access the site with HTTPS only, from the list, click the row with http. Click Remove and on the confirmation dialog box, click Yes.
You must change basicHttp and wsHttpBinding configurations after removing HTTP.
To close the Site Bindings dialog box, click Close.
Now open the web.config file from drive:\Program Files\Microsoft SQL Server\130\Master Data Services\WebApplication.
Find the string <security mode="Message"> and change it to <security mode="Transport">.
Save and close the file. If you get an error, it could be because you have UAC enabled. For more information, see Turn off User Account Control. Users should now be able to use HTTPS to access the site.