Installing Delinea Credentials Cache on Windows

This topic describes how to install and configure Delinea Credentials Cache on Windows. The following steps cover enabling IIS, installing the ASP.NET Core Hosting Bundle, downloading and extracting the package, configuring the IIS site, and setting up HTTPS.

Prerequisites

Before you begin, ensure the following requirements are met:

  • Administrator privileges on the Windows host.

  • Network access to the Delinea marketplace download server and to your Secret Server or Delinea Platform instance.

  • A supported version of Windows Server. IIS is included with the Windows Server operating system and is enabled in the steps below.

Step 1: Enable IIS

Delinea Credentials Cache on Windows is hosted in IIS. If IIS is not already enabled on the host, complete the following steps before installing the package.

  1. Open Server Manager and select Add Roles and Features.

  2. In the Add Roles and Features Wizard, proceed to the Server Roles page.

  3. Select the checkbox next to Web Server (IIS) and select Add Features when prompted.

  4. Proceed through the wizard and select Install. Wait until the installation completes.

If IIS is already enabled on the host, skip this step and proceed to Step 2.

Step 2: Install the ASP.NET Core Hosting Bundle

Delinea Credentials Cache requires the ASP.NET Core Hosting Bundle to run under IIS. The Hosting Bundle installs the .NET runtime and the IIS module required to host ASP.NET Core applications.

  1. Download the ASP.NET Core 8.0 Hosting Bundle from the Microsoft .NET download page.

  2. Run the installer and follow the on-screen instructions to complete the installation.

  3. After the installer finishes, restart IIS to apply the changes:

    Open a command prompt with administrator privileges and run:

    iisreset

If the ASP.NET Core 8.0 Hosting Bundle is already installed on the host, skip this step and proceed to Step 3.

Step 3: Download and Install the Package

To download and install the Delinea Credentials Cache package for Windows:

  1. Download the Windows package (a zip archive).

  2. Extract the contents of the archive.

  3. Open the properties of the extracted DelineaCredentialCache_Windows folder. On the Security tab, grant the IIS_IUSRS group Full control permission, as shown.

  4. Move the DelineaCredentialCache_Windows folder to C:\inetpub\wwwroot.

Step 4: Configure the IIS Site

Register the Credentials Cache application in IIS and confirm that its application pool is running.

  1. Open IIS Manager.

  2. In the Connections pane, expand the server node, then expand Sites.

  3. Right-click Default Web Site and select Add Application.

  4. In the Add Application dialog, enter the following values:

    • Alias: Enter a name for the application, for example DelineaCredCache.

    • Application pool: Select an existing ASP.NET Core application pool, or create a new one with No Managed Code selected.

    • Physical path: Enter C:\inetpub\wwwroot\DelineaCredentialCache_Windows.

  5. Select OK.

  6. In the Connections pane, select Application Pools and confirm that the application pool used by the Credentials Cache application shows a status of Started.

If the application pool does not start, open Event Viewer > Windows Logs > Application and review any IIS or ASP.NET Core hosting errors.

Step 5: Configure HTTPS (Optional)

If you require HTTPS access to Delinea Credentials Cache, add an HTTPS binding to the IIS site and bind a certificate to it. The following steps use a self-signed certificate for testing purposes. For production environments, use a certificate issued by a trusted certificate authority.

Create a Self-Signed Certificate

  1. Open a PowerShell prompt with administrator privileges and run the following command. Replace your-host.your-domain.com with your server's fully qualified domain name.

    New-SelfSignedCertificate -DnsName "your-host.your-domain.com" -CertStoreLocation "cert:\LocalMachine\My"

  2. Note the thumbprint returned by the command. You will need it in the next section.

Add an HTTPS Binding in IIS

  1. In IIS Manager, in the Connections pane, select Default Web Site.

  2. In the Actions pane, select Bindings.

  3. In the Site Bindings dialog, select Add.

  4. In the Add Site Binding dialog, enter the following values:

    • Type: Select https.

    • IP address: Select All Unassigned or enter a specific IP address.

    • Port: Enter 443.

    • Host name: Enter your server's fully qualified domain name, for example your-host.your-domain.com.

    • SSL certificate: Select the certificate created in the previous section.

  5. Select OK, then select Close.

If you are using a certificate from a trusted certificate authority, import the certificate into the Windows certificate store before adding the HTTPS binding. To import a certificate, open Certificates (Local Computer) via certlm.msc and import the certificate into the Personal store.

Step 6: Verify the Installation

After completing the setup, confirm that Delinea Credentials Cache is running correctly.

  1. In IIS Manager, under Sites > Default Web Site, select the Credentials Cache application.

  2. In the Actions pane, select Browse. The Swagger UI should load in a browser without errors.

  3. Confirm the following on the Swagger page:

    • The Swagger page loads successfully.

    • API endpoints are visible.

    • An Authorize button is present.

  4. If the page does not load, open Event Viewer > Windows Logs > Application and review any IIS or ASP.NET Core hosting errors.

For detailed validation steps including Event Pipeline verification, see Verification.