Wednesday, 19 November 2014

SharePoint 2010 - Create SSL Enabled Site



As part of development activities we might need to create a SSL enabled site inside SharePoint 2010. These sites will be accessed using HTTPS instead of HTTP.

For example:

SSLShr1.jpg

HTTPS is the secured way of communication between server and client. Here the message is encrypted between the client and server. An encryption mechanism is needed to protect the message from being manipulated by unwanted parties.

HTTPS works by installing a certificate in the server-side web application. This certificate is used to encrypt messages between client and server. The encryption is based on a public key and private key usage. The public key will be shared with the client for encrypting the message and the decryption is performed on the server side using the private key.

Note: Stealing the public key does not help decrypt the message using a Man In the Middle attack since a Public key can only be used for encryption.

Please use the following steps to create a new SSL enabled SharePoint site.

Step 1

Create New Web Application

Go to Central Administration and open the Manage Web Applications link. Create a new Web Application with the following properties:

  1. Name it My Secured Site
  2. Use Secured Sockets Layer (SSL) Yes
SSLShr2.jpg

SSLShr3.jpg
Click the OK button to create the new web application.

Now add a new site collection inside the newly created web application.

Central Administration > Create Site collection > Choose current web application

Step 2

Set the Certificate

For SSL enabling you need to specify a Certificate in the Server which contains the public and private keys. Go to Internet Information Services (IIS / inetmgr.exe) and select the newly created site. Click on the Bindings link from the right side.

SSLShr4.jpg

In the dialog that appears select the https item and click the Edit button.

SSLShr5.jpg

In the dialog that appears select the Certificate from the drop down list.

SSLShr6.jpg

Click the OK button to continue.

Step 3

Test the URL

Now you are ready to test the HTTPS URL. Open a browser and enter the URL of the web site. You can also use the Browse link from IIS.

You will get the page as shown below. It says the certificate is not trusted. You can use the Continue link to proceed.

SSLShr7.jpg

Now you should be prompted with the site credentials. Enter the credentials to continue and you should get the site collection you created.

SSLShr8.jpg

Wow! If you can see the above site then you are done with your SSL enabled site. Please note that the URL now starts with https.

Adding SSL (HTTPS) support to an existing web application.

You can add SSL support to an existing web application by performing the following:
  1. Open IIS manager
  2. Select the web application
  3. Choose Bindings dialog
  4. Add new binding of type https
  5. Select the Certificate
  6. Click the OK button
References

MSDN on SharePoint SSL
SSL, Public Key, Private Key


Refernce:

http://www.c-sharpcorner.com/UploadFile/40e97e/sharepoint-2010-create-ssl-enabled-site/


No comments:

Post a Comment