by Dan Sullivan

Setting Up SSL in Microsoft SharePoint

SharePoint Server2010 has a multi-step installation process supported by the installation wizard. Once SharePoint is installed, though, additional steps are required to install an SSL certificate.

Installing SSL certificates in SharePoint Server follows a similar pattern to other SSL certificate installations. In fact, the steps should be familiar to anyone who has worked with IIS:

1. Open the IIS Manger for the Web server for SharePoint.
2. From the Central Administration Web site, right-click and select Edit Bindings.
3. Click Add to display the Add Site Binding dialog box.
4. Select https from the drop-down box and the name of the certificate from the SSL certificate drop-down box. (This assumes the certificate has been installed in the Certificate Store as described in Chapter 2).
5. If an http binding is listed in the Site Bindings dialog box, remove it to use only https.
6. From the IIS Manger, select SharePoint Central Administration in the left panel, under the Sites folder.
7. Open the SSL Settings (double-click the icon in the central pane).
8. Select the Require SSL and Require 128-bit SSL options.
9. You can select “Ignore” under Client Certificates if you are not concerned with authenticating clients.
10. Click Apply to save the settings.

To verify the certificate is correctly installed, open a browser and navigate to the SharePoint site using https as the protocol in the URL. This should generate an error. Then browse to the page by specifying https:// in the URL; the SharePoint page should be displayed correctly.

Next, we will consider the steps required to install an SSL certificate in Microsoft SQL Server.

<< Part 5 | Part 7 >>

About the Author

Dan Sullivan has more than 20 years of IT experience that includes engagements in application design, systems architecture, and enterprise security. His experience includes a broad range of industries, including financial services, manufacturing, government, retail, gas and oil production, power generation, life sciences, and education. Dan has written and presented extensively about systems architecture, infrastructure management, and aligning business and IT strategies. His articles have appeared in Intelligent Enterprise, Business Security Advisor, DM Review, and E-Business Advisor. He has written several books including The Shortcut Guide to Prioritizing Security Spending,The Definitive Guide to Security Management; The Definitive Guide to Information Theft Prevention; The Definitive Guide to Service Oriented Systems Management; The Definitive Guide to Controlling Malware, Spyware, Phishing, and Spam; The Tips and Tricks Guide to Secure Content Appliances; and The Shortcut Guide to Protecting Business Internet Usage.