Wednesday, October 17, 2012

Create an SSL / HTTPS Site in SharePoint 2010

Why HTTPS Requires?

HTTPS is the secured way of communication between server and client. Here the message is encrypted between client and server. An encryption mechanism is needed protect the message from being manipulated by unwanted parties.

HTTPS works by installing a certificate in the server side web application. This certificate is used to encrypt the messages between client and server.  The encryption is based on a public key and private key usage. The public key will be shared with client for encrypting the message and the decryption is performed on the server side using the private key. 

Note: Stealing the public key does not do any favor in decrypting the message using Man In the Middle attack as Public key can only be used for encryption.

Please Follow below mentioned steps in order to enable SSL in SharePoint 2010 site

Step 1: Create New Web Application
Go to Central Administration and open the Manage Web Applications link. Create a new Web Application with the following properties:
  1. Name as My Secured Site
  2. Use Secured Sockets Layer (SSL) Yes
Create New Web Application  


Enable SSL in Sharepoint 2010



 

















Click the OK button to create the new web application.
Now add a new site collection inside the newly created web application.
Central Administration > Create Sitecollection > Choose current web application

Step 2: Set the Certificate
For SSL enabling you need to specify a Certificate in the Server which contains the public and private keys. Go to Internet Information Services (IIS / inetmgr.exe) and select the newly created site. Click on the Bindings link from the right side.


IIS in SharePoint 2010





















In the appearing dialog select the https item and click the Edit button.



















In the appearing dialog select the Certificate from drop down list.

















 

Click the OK button to continue.

Step 3: Test the URL.
Now you are ready to test the HTTPS url.  Open a browser and enter the url of the web site. You can also you the Browse link from IIS.
You will get the page as shown below. It says the certificate is not trusted one. You can use the Continue link to proceed with.


https configured sharepoint site
























Now you should be prompted with the site credentials. Enter the credentials to continue and you should get the site collection which you have created.


ssl site for sharepoint 2010



















Hurray! If you can see the above site then you are done with your SSL enabled site in sharepoint 2010. Please note that the URL now starts with https.

Adding SSL (https) support to an existing web application

You can add SSL support to an existing web application by performing the following:
  1. Open IIS manager
  2. Select the web application
  3. Choose Bindings dialog
  4. Add new binding of type https
  5. Select the Certificate
  6. Click the OK button
 And Done!!
Regards,
Viral Shah

No comments:

Post a Comment

Contact me

Name

Email *

Message *

Total Pageviews