Last Update: Sep 04, 2024 | Published: Feb 17, 2014
With the advent of SharePoint 2013 some new best practices on how to deploy SharePoint sites are being released. The new best practice is to deploy web applications with secure sockets layer (SSL). More importantly, if you plan on using SharePoint apps or any Exchange site mailbox features, you must have SSL enabled on all your sites. In this article I’ll show you how to configure SSL on your SharePoint sites.
Before you begin configuring IIS and SharePoint, you’ll first need to obtain a certificate (if you already don’t have one). To obtain a certificate you will need to generate a certificate-signing request (CSR) from the webserver, which you then supply to your SSL vendor of choice. Alternately, you can create a self-generated certificate. If your server is going to be public facing, I would recommend obtaining a commercial certificate that is widely trusted rather than a domain-issued certificate. Once a certificate is obtained, it will need to be imported into the webserver for use by the SharePoint sites.
If you have an existing certificate that is used for other servers, such as a wildcard certificate, that certificate can be exported into a .pfx file and imported to the SharePoint webserver. I prefer to use wildcard certificates mainly because it’s one certificate that I need to manage and renew rather than having several specific SSL certificate files. For this article I am using an existing wildcard certificate that was exported from IIS on a different webserver.
After you have imported the certificate you will need to bind your site to use https. To configure the IIS bindings complete the following steps:
Now that you have added your certificate to IIS and bound it to the site, you’ll need to configure SharePoint to use SSL using Alternate Access Mappings. Alternate Access Mappings is how SharePoint determines how to handle the incoming URL requests and redirects to them the appropriate URL, in this case we are using HTTPS.