How To Apply SSL In SharePoint 2013

Are you looking to enhance the security of your SharePoint 2013 site? Learn how to apply SSL in SharePoint 2013 with our comprehensive guide.

To apply SSL in SharePoint 2013, you need to install the SSL certificate using IIS 8 or the DigiCert Certificate Utility for Windows. After installing the certificate, you need to assign it to your SharePoint site using IIS 8. Finally, you need to install the root certificate in SharePoint 2013 Central Administration.

There are two ways to obtain the certificate: from a trusted certificate authority or by creating a self-signed certificate. The process involves creating a certificate signing request, completing the CSR by installing the certificate in IIS, and importing the certificate to the SharePoint certificate store.

It is important to update the bindings and AAMs for all the WFEs in the environment. It is also recommended to offload SSL at the firewall or publishing servers to reduce the burden on the Web Front Ends.

Different types of SSL certificates, such as domain validated, extended validation, wildcard, SAN, code signing, and self-signed certificates, are available depending on the requirements of your environment. Additionally, there are instructions provided for fixing common name mismatches in self-signed SSL certificates.

Installing and Assigning the SSL Certificate

Before you can secure your SharePoint site, you need to install the SSL certificate and assign it properly. Follow these steps to ensure a secure and protected SharePoint site.

  1. Start by obtaining the SSL certificate from a trusted certificate authority or by creating a self-signed certificate. If you choose to obtain it from a trusted authority, you will need to provide them with a certificate signing request (CSR) which can be generated using IIS 8.
  2. To install the SSL certificate, open IIS 8 and navigate to the server where you want to install the certificate. Select the server node, double-click on ‘Server Certificates’, and click on ‘Import’ from the right-hand side panel. Follow the prompts to locate and import the SSL certificate file.
  3. After installing the certificate, you need to assign it to your SharePoint site. In IIS 8, select the site where you want to apply the SSL certificate, click on ‘Bindings’ from the right-hand side panel, and then click on ‘Add’. Choose ‘https’ as the type, select the SSL certificate from the drop-down list, and click ‘OK’ to save the changes.
  4. Finally, make sure to install the root certificate in SharePoint 2013 Central Administration. This will ensure that the SSL certificate is trusted by all users accessing the SharePoint site.

By following these steps, you will be able to successfully install and assign the SSL certificate to your SharePoint site. Remember to update the bindings and AAMs for all the Web Front Ends (WFEs) in your environment to ensure proper SSL configuration. Additionally, consider offloading SSL at the firewall or publishing servers to reduce the burden on the WFEs.

Fixing Common Name Mismatches in Self-Signed SSL Certificates

If you are using a self-signed SSL certificate, it is common to encounter a “name mismatch” warning when accessing your SharePoint site. This occurs because the certificate is not issued by a trusted authority. To fix this, you can add an exception to your browser or import the self-signed certificate into your browser’s certificate store. This will prevent the name mismatch warning from appearing when accessing your SharePoint site.

It is important to note that self-signed SSL certificates are not recommended for production environments. They are suitable for testing or development purposes only. In a production environment, it is advisable to obtain an SSL certificate from a trusted certificate authority to ensure maximum security and trust from your users.

Types of SSL Certificates
Type Description
Domain Validated A basic SSL certificate that verifies the domain ownership
Extended Validation A high-assurance SSL certificate that requires extensive verification of the organization’s identity
Wildcard A certificate that secures a main domain and all its subdomains
SAN (Subject Alternative Name) A certificate that allows multiple domain names to be secured within a single certificate
Code Signing A certificate used to sign software code to ensure its integrity and authenticity
Self-Signed A certificate that is generated and signed by the same entity, providing minimal trust

Obtaining and Managing SSL Certificates

When it comes to SSL certificates, there are various options available. Learn how to obtain and manage SSL certificates for your SharePoint 2013 environment to ensure a secure and reliable system.

To obtain an SSL certificate, you have two choices: you can get it from a trusted certificate authority or create a self-signed certificate. A trusted certificate authority provides certificates that are signed by a trusted third party, making them suitable for production environments. On the other hand, self-signed certificates are useful for development or testing purposes, but they may trigger warnings in a browser.

To obtain a certificate, you first need to create a certificate signing request (CSR). This involves generating a private key and a CSR file, which contains information about your organization and the domain for which you are requesting the certificate. Next, you will submit the CSR to the certificate authority or use it to generate a self-signed certificate.

Once you have obtained the certificate, you will need to install it in your web server, such as IIS 8. After installation, you must import the certificate to the SharePoint certificate store. This ensures that SharePoint can communicate securely using the SSL certificate. To complete the process, don’t forget to update the bindings and Alternate Access Mappings (AAMs) for all the Web Front Ends (WFEs) in your environment.

Meet the Author

Abdul Rahim has been working in Information Technology for over two decades. Learn how Abdul got his start as a Tech Blogger , and why he decided to start this Software blog. If you want to send Abdul a quick message, then visit his contact page here.