Thursday, August 27, 2015

How to Create a Self-Signed SSL Certificate in IIS for SharePoint

Self-Signed certificates provides encryption between the two ends. Technically, self-signed certificate are signed with its own private key. Often they are used in ADFS configuration. We may also have to use self-signed certificates in DEV-Test environments and for evaluations purposes. Lets see how to create a self-signed certificate using IIS.

Never use self-signed certificate on production sites!
Let's see, how to create a self-signed certificate in IIS step by step:
  1. Open IIS Manager, Click on Server name in the Left navigation Tree, Open "Server Certificates" widget
  2. From the Right pane, Click on "Create Self-Signed Certificate" link
  3. Enter the details for your self-signed certificate. Click on "OK" to create self-signed certificate from IIS.
That’s all. You'll find the new self-signed certificate generated and listed in Server Certificates. By default, its validity is for 1 year with common name (Issued To) to the server name.

You can create a self-signed certificate using PowerShell:
New-SelfSignedCertificate -certstorelocation cert:\localmachine\my -dnsname uat.crescent.com 

How to Bind SSL Certificate with SharePoint Web Application?
Now, our certificate is ready use! You can bind it with any web application or export-import it to secure trusted identity provider or while publishing service applications. Lets see how to bind the certificate with any SharePoint web applications.
  1. Open IIS >> Select your target web application
  2. From right pane, Select Bindings link. Click on "Add" button.
  3. Select the certificate you created in the previous step from the SSL certificate dropdown. 
You have to repeat these steps in all your web front ends and application servers.

How to establish a Trust by Importing the Certificate?
  • From SharePoint Central Administration > Navigate to Security > Manage Trust
  • Click New > Enter Name and specify the location for the certificate for "Root Certificate for the trust relationship" and Click OK.
You can achieve the same with PowerShell:
$Cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2("c:\SharePoint.cer ")
New-SPTrustedRootAuthority -Name "SharePoint Certificate" -Certificate $Cert

How to copy a certificate? Just double click on the Certificate from IIS, Go to details tab and click copy to file!



You might also like:
SharePoint Usage Reports
Usage reports, collaboration and audit for SharePoint.
Document SharePoint Farm
Automatically generate SharePoint documentation.
*Sponsored


Check out these SharePoint products:

No comments :

Post a Comment

Please Login and comment to get your questions answered!


You might also like:

Related Posts Plugin for WordPress, Blogger...