Prasad Bolla's SharePoint Blog

Click Here to go through the Interesting posts within my Blog.

Click Here to go through the new posts in my blog.

Friday, December 02, 2011

Adding SSL support to an existing WSS 3.0 (SharePoint 2007) site


I developed and configured a WSS 3.0 (Sharepoint 2007) Team discussion site. My initial goal was to compare the capabilities of WSS 3.0 to host forum-like discussions. After I had a firmer grasp of the capabilities of SharePoint 2007 with respect to hosting discussions and AAA security ( Authentication, Authorization and Accounting); I wanted to support SSL. As you might guess, this involved more than simply installing an SSL certificate on my IIS website
The 1st thing that I did was to create and install an SSL certificate for my web site. Afterwards, I went to configure SharePoint.
Most of the published information on this topic has you start with SSL when you Create a Website or Extend a website by publishing the information to a new website within the SharePoint farm. I’d already created the site so I was hoping to avoid this.
After checking through the site settings and then Central Administration settings, I found the Alternate Access Mappings in Central Administration.
  • Open up the Central Administration site
  • Select Operations
  • click Alternate Access Mappings under the Global Configuration section.
The alternate access mappings defines internal URLS, zones and Public URLS that a site will respond to. In my case I wanted my site to be open to port 80 to Office 2007 and IE on the Intranet and use SSL on the internet. After some investigation, I set my mapping as follows:
  • Default zone  — https and the FQDN of my website and SSL certificate.
  • Intranet zone — http and my webserver’s computername.
  • Internet zone — http and the FQDN of my website site.
These seem to be working pretty well, I’ll update this post if I learn anything more.
It appears, that if your webserver server hosts multiple SharePoint sites, then you would need to supply alternative mappings for any additional sites that you want to respond to SSL.

No comments:

Post a Comment