Friday, May 30, 2008

Setting up SSL for Windows Sharepoint Services 3.0

After some resdings and findings, below is a simple guide on how to setup the SSL (https) for WSS v3.WSS Central Administration

  1. In WSS server, start SharePoint 3.0 Central Administration. 
  2. Click Application Management tab, then Create or extend SharePoint Web application link
  3. Click Extend an existing Web application link
  4. Select the Web Application (SharePoint Site) which you want to extend by click on the drop down box next to Web Application.Extend Web Application
  5. Enter the Port number you wish to used. For SSL you can used the standard port number 443.
  6. Used Secure Sockets Layer (SSL) = Yes
  7. Select the required Zone
  8. Click OK button to extend the site.

You might need to change the access mapping to reflect the URL if your WSS is going to publish to the Internet. the path are Central Administration > Operations > Alternate Access Mappings

Next steps is to setup your IIS SSL Certificate.

  1. Start IIS Manager2008-05-30_230604
  2. In IIS Manager the newly extended site (SSL) is available. Right click on the Site Name, select Properties.
  3. Select Directory Security tab, click Server Certificate... button
  4. Follow the Certificate wizard to install the certificate for your new site
  5. Click Edit... button
  6. In Secure Communications windows, Checked Required secure channel (SSL)
  7. Checked Required 128-bit encryption

To further enchance the security you might want to implement the Client certificates.

8 comments:

JonnyRo said...

Thank you so much for these easy to follow instructions!

Sharepoint has been a serious pain in the ass, you helped me complete my task.

Lucas said...

I have been struggling with sharepoint for weeks now. As soon as I apply the SSL it makes my site http://servername come up with "site under construction". No matter how I apply the SSL or what I do to change it back the only solution I can seem to come up with is to recreate the entire web application.

Lucas said...

Do you have any more suggestions?

Anonymous said...

We recently added SSL to one of our Sharepoint sites and that seems to be working (although it prompts username and password everytime you try opening a shared document in its library) but the real issue is this: SharePoint Central Administration v3 no longer works.

When SSL and the certificate was configured to another already existing Sharepoint site, I made an edit to the default zones for the sites under Alternate Access Mappings. I changed the http://sharepointsite to https://sharepointsite. Once the alternate access mapping was completed, I rebooted the server. Now while the sharepoint site works, everytime I try accessing the central administration site (whether locally on the server that the IIS pages are running or from a remote workstation) through Internet Explorer, I get 'This program cannot display the webpage' message.

I've tried iisreset, adding an SSL certificate to the central administration site through IIS, rebooting the server again, and tried to use the server's IP for the IP address under Web site identification for Sharepoint Central Administration v3 properties (in IIS). I did not make any changes to this web site prior to it just not working suddenly. I simply added the SSL cert to the regular sharepoint site, changed the http to https under Alternate Access Mapping (the last time I was able to use sharepoint central administration), then rebooted the server.

How can I get Sharepoint Central Administration page to work again?


Environment: Windows Server 2003 SP2, WSS 3.0

SSL Certificates said...

The non-privileged service account trying to read the private key of the selected certificate and is unable to do so. The solution is to put the SQL database engine service account read access to the private machine license key.

SSL Certificates said...

Thank you very much for these easy to follow instructions! Sharepoint has been a serious pain in the ass, helped me complete my task.

Wildcard SSL said...

i have had similar issue with it asking for username and passwords on shared files, any idea how to sort it out?

SharePoint Services said...

It really helps me a lot.