SSL is a kind of security protocol that more and more web sites are using to protect their information. Similarly, SharePoint has a SSL feature that can be enabled in Central Administration. This blog will show you how.
SSL Configuration:
Step 1. Server Roles
1. Login to SharePoint Server as administrator.
2. Open Server management and click “Server Roles.”
3. In the Roles summary click “Add Roles.”
4. Click the “Next” button and select “Active Directory Certificate Services” in the Select Server Roles window.
5. Click the “Next” button until it configures and installs successfully.
6. Select the following two role services “Certification Authority” and “Certification Authority Web Enrollment.”
Step 2. IIS Manager
1. Run IIS manager as administrator.
2. Double click this icon Server Certificates and enter the Server Certificates page.
3. Click “Create Certificate Request in Actions” section.
4. Open the “Request Certificate” window and input the correct data for every field.
5. Click the “Next” button until the file name page appears.
6. Specify the file name for the certificate request.
7. Click the “Finish” button, the request file is created successfully.
Step 3. CerSrv Site
1. Open the CerSrv site to complete the task request a certificate.
2. Click the Request a certificate link to open the new page.
3. Click “advanced certificate request” to open the new page and click the second option “Submit a certificate request by using a base-64-encoded CMC or PKC…”
4. Copy the contents of the certificate file created on Step2.6 to the textbox base-64-encoded certificate request.
5. Select “Web Server” in the Certificate Template drop-down menu.
6. Click the “Submit” button. The will then be Certificate issued.
7. Download the certificate.
8. Click the “Complete certificate request” button.
9. Select the “certification authority’s response” and “Friendly name.”
10. Click the “OK” button to create the server certificates.
Step 4. Central Administration
1. Expand the sites in IIS Manager and select “Central Administration.”
2. Click “Bindings” in the “Edit Site” section on the right side.
3. The Site Binding Window will popup.
4. Add the https type and select the SSL certificate.
5. Add the access mapping in CA.
Note: Do not forget add the host record on DNS server.
Step 5. Testing the Site
1. Let’s access CA using the following URL https://www.spbmd10.com.
Note: You might need to first import the certificate to the current browser.
2. If you see the following, then we have successfully added SSL to a SharePoint website.
Hi, you can know more about DNS with my another blog http://www.sharepointboost.com/blog/how-to-add-trust-domains-in-a-sharepoint-farm/.
Here, you can do it by the following steps.
Go to Start> Administrative Tools>DNS.
Expand Forward Lookup Zones, right-click one zone your domain such as spbmd10.com ,click New Host(A or AAA), type one name such as www in the Name box of New Host dialog, click Add Host. Finally, you will find one new record is added.
Yes, you can create the certificate on your web server. But whether need to purchase one is relying on the requirement of company.
based on your steps above in my case i separated my AD, WFE and APP so from the beginning after finish all my SP farm i want to know how to have an SSL work is it in WFE or APP? also if i want to use a certificate for internal use only what certificate i should create and where i should create in AD, WFE or APP server? can you provide detailed steps,, appreciate thank you