Configure TLS connections on a native mode report server

In SQL Server Reporting Services (SSRS) native mode, you can use the Transport Layer Security (TLS) protocol to establish encrypted connections to a report server. TLS was previously known as Secure Sockets Layer (SSL). If you have a certificate (.cer) file installed in a local certificate store on the report server, you can bind the certificate to an SSRS URL reservation to support report server connections through an encrypted channel.

For more information about SSRS SharePoint mode, see Reporting Services Report Server (SharePoint mode).

Because Internet Information Services (IIS) also uses TLS, there are significant interoperability issues that you must account for if you run IIS and SSRS on the same computer. For guidance on how to address these issues, review the Interoperability issues with IIS section, later in this article.

Prerequisites

Install a server certificate

You must install a server certificate on your report server in the local store. Client certificates aren't supported.

SSRS doesn't provide functionality for requesting, generating, downloading, or installing a certificate. It's up to you to choose the properties that you specify for the certificate and the certificate authority that you obtain it from. You also decide on the tools and utilities that you use to request and install the certificate.

A few possibilities exist for obtaining a certificate: