Secure Sockets Layer

If you want to secure your transmissions over the extranet, you must enable SSL. After enabling SSL, you must access the workspace by using https://external_server_name.external_domain_name/workspace_name.

You should ensure that http:// is working properly before enabling SSL.

Enabling SSL requires several steps:

  • Request a new certificate, and then submit the text file that you generated to your SSL vendor.
  • Install the certificate file that you receive from your vendor.
  • Assign a certificate.
  • Specify the secure bindings value.
  • Remove port 443 from multiple SSL identities.
  • Require SSL.

The following procedures provide the steps for completing this process.

To request a new certificate:

  1. On the Start menu, point to Programs, point to Administrative Tools, and then click Internet Services Manager.
  2. Expand the node for the SharePoint Portal Server computer.
  3. Right-click YourVirtualWeb, where YourVirtualWeb is the name of the new Web site you created, and then click Properties.
  4. Click the Directory Security tab, and then click Server Certificate under Secure communications. The Welcome to the Web Server Certificate Wizard appears.
  5. Click Next.
  6. Click Create a New Certificate, and then click Next.
  7. Click Prepare the request now, but send it later, and then click Next.
  8. In Name, type YourVirtualWeb where YourVirtualWeb is the name of your new Web site.
  9. In Bit length, select 512 or 1024. For server performance, it is recommended that you select 512.
  10. If required, select the Server Gated Cryptography (SGC) certificate (for export versions only) check box.

    It is recommended that you do not change the default (the check box is not selected).

  11. Click Next.
  12. Type your organization's information on the Organization Information page, and then click Next.
  13. In Common name, type the external FQDN of your server (which includes the domain name), and then click Next. For example, type AdventureWorks.adventure-works.com.
  14. Type your geographical information on the Geographical Information page, and then click Next.
  15. Specify a file name for the certificate request, and then click Next.
  16. On the Request File Summary page, click Next.
  17. Click Finish.
  18. Click OK to close the Properties page.

You have now completed the certificate request process. Submit the text file that you generated to your SSL vendor.

After you receive the certificate file from your vendor, you must install the certificate.

To install the certificate that you receive from your vendor:

  1. On the Start menu, point to Programs, point to Administrative Tools, and then click Internet Services Manager.
  2. Expand the node for the SharePoint Portal Server computer.
  3. Right-click YourVirtualWeb, where YourVirtualWeb is the name of the new Web site you created, and then click Properties.
  4. Click the Directory Security tab, and then click Server Certificate under Secure communications. The Welcome to the Web Server Certificate Wizard appears.
  5. Click Next.
  6. Click Process the pending request and install the certificate, and then click Next.
  7. Specify the path and file name for the certificate file on the Process a Pending Request page, and then click Next.
  8. On the Certificate Summary page, click Next.
  9. Click Finish.
  10. Click OK to close the Properties page.

To assign a certificate to the Default Web Site:

This step enables you to remove port 443 from Multiple SSL identities for this Web Site in a later step. If you do not remove port 443, SharePoint Portal Server may experience unexpected behaviors because the Default Web Site and any new Web sites you create are trying to use port 443.

  1. Right-click Default Web Site, and then click Properties.
  2. Click the Directory Security tab, and then click Server Certificate under Secure communications. The Welcome to the Web Server Certificate Wizard appears.
  3. Click Next.
  4. Click Assign an existing certificate, and then click Next.
  5. On the Available Certificates page, select a certificate, and then click Next.
  6. On the Certificate Summary page, click Next.
  7. Click Finish.
  8. To close the Properties page, click OK.

To specify the secure bindings value to include the host header for the new Web site:

  1. On the Start menu, point to Programs, point to Accessories, and then click Command Prompt.
  2. Move to the directory where adsutil.vbs is located. Typically, this is in the Inetpub\AdminScripts directory on the operating system drive.
  3. Type cscript adsutil.vbs set W3SVC/number/securebindings "IP_address_of_the_server:443:external_FQDN_in_lowercase"

    where number is the number for YourVirtualWeb. Typically, W3SVC/1 is the Default Web Site, W3SVC/2 is the Administration Web Site, and W3SVC/3 is the new Web site. To find the number, type cscript adsutil.vbs enum W3SVC/number for each number in order until the properties display the name of YourVirtualWeb.

If you do not remove port 443 from Default Web Site, SharePoint Portal Server may experience unexpected behaviors because the Default Web Site and any new Web sites you create are trying to use port 443.

To remove port 443 from Multiple SSL identities for this Web Site on the Default Web Site:

  1. On the Start menu, point to Programs, point to Administrative Tools, and then click Internet Services Manager.
  2. Expand the node for the SharePoint Portal Server computer.
  3. Right-click Default Web Site, and then click Properties.
  4. On the Web Site tab, click Advanced. The Advanced Multiple Web Site Configuration dialog box appears.
  5. In Multiple SSL identities for this Web Site, click the IP address for SSL port 443, and then click Remove.
  6. To close the Advanced Multiple Web Site Configuration dialog box, click OK.
  7. To close the Properties page, click OK.
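
The secure bindings format and the port 443 conflict described in the two procedures above can be checked before you restart the server. The following Python sketch is an added example, not part of the Resource Kit: the function names, the site map and the 192.0.2.10 address are constructed for illustration, and the collision rule is this example's assumption.

```python
import ipaddress
from itertools import combinations

def parse_binding(value):
    """Split 'IP:port:host_header' (IPv4 only, as in IIS 5) into its fields."""
    parts = value.split(":")
    if len(parts) != 3:
        raise ValueError(f"{value!r} is not in IP:port:host form")
    ip, port, host = parts
    if ip:
        ipaddress.IPv4Address(ip)  # raises ValueError if malformed
    if not port.isdigit() or not 0 < int(port) < 65536:
        raise ValueError(f"{value!r} has an invalid port")
    return ip, int(port), host

def check_secure_bindings(sites, portal_site, external_fqdn):
    """Return findings for a {site number: [SecureBindings values]} map."""
    findings, claims = [], []
    for number, bindings in sorted(sites.items()):
        for value in bindings:
            try:
                ip, port, host = parse_binding(value)
            except ValueError as exc:
                findings.append(f"W3SVC/{number}: {exc}")
                continue
            claims.append((number, ip, port))
            if number != portal_site:
                continue
            if not ip or port != 443:
                findings.append(f"W3SVC/{number}: {value!r} must name the server IP and port 443")
            if host != external_fqdn.lower():
                findings.append(f"W3SVC/{number}: host header {host!r} is not the lowercase external FQDN")
    # Assumption of this example: two sites collide on an SSL port when the
    # ports match and the IPs are equal or either one is blank (all addresses).
    for (n1, ip1, p1), (n2, ip2, p2) in combinations(claims, 2):
        if n1 != n2 and p1 == p2 and (ip1 == ip2 or "" in (ip1, ip2)):
            findings.append(f"W3SVC/{n1} and W3SVC/{n2} both claim SSL port {p1}")
    return findings

# Constructed sample: Default Web Site (1) still holds port 443, and the
# portal site (3) was given a mixed-case host header.
BEFORE = {1: [":443:"], 3: ["192.0.2.10:443:AdventureWorks.adventure-works.com"]}
AFTER = {1: [], 3: ["192.0.2.10:443:adventureworks.adventure-works.com"]}

if __name__ == "__main__":
    for label, sites in (("before", BEFORE), ("after", AFTER)):
        print(label, check_secure_bindings(sites, 3, "AdventureWorks.adventure-works.com"))
```

An empty list for the "after" map means the portal site's binding is well formed and no other site still claims port 443.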

To require SSL:

You must choose to require SSL before you can access SharePoint Portal Server by using https://.

  1. Right-click YourVirtualWeb, and then click Properties.
  2. On the Directory Security tab, under Secure communications, click Edit.
  3. Select the Require secure channel (SSL) check box, and then click OK.
  4. To close the Properties page, click OK.

After completing these procedures, restart the server.

You should now test access to the extranet from your intranet by using https:// instead of http://.



Microsoft SharePoint(TM) Portal Server 2001 Resource Kit (Examples & Explanations Series)
ISBN: 0735615624
Year: 2001
Pages: 231
