Requirement: Enable HTTPS encryption in SharePoint Web Application using SSL certificate.
How to Configure HTTPS for SharePoint 2016 web applications?
Enabling HTTPS encryption ensures that the communications between users and the SharePoint web site remain secure. This article assumes you have generated CSR and imported the SSL certificate to the IIS. If you need any assistance on these steps refer my another article: configuring SSL Certificates in SharePoint – Step by Step
To configure SharePoint 2013 /SharePoint 2016 for HTTPS, follow these steps:
- Add HTTPS to web application’s IIS binding
- Configure Alternate Access Mapping for the SharePoint Web application.
Step 1: Add HTTPS Binding for the SharePoint Web Application
In SharePoint 2013, to change web application to HTTPS you have to modify the default AAM to include the new HTTPS URL. Add IIS binding to your SharePoint web application as below:
- Open IIS Manager (Start >> Run >> Type “InetMgr”)
- Expand Sites and Select your target web application from the right tree navigation >> Click on the “Bindings…” link from the right-hand panel. On the Bindings dialog, click on Add…
- In the Add Site Binding dialog, select HTTPS from the Type Dropdown, leave the IP address as All Unassigned, the Port should say 443. Enter the Hostname as intranet.crescent.com, Select the respective SSL certificate you already imported. Click on OK.
Please note, if you do run Central Admin on more than one server, you’ll need to assign the SSL certificate to the web site on each machine.
Step 2: Configure Alternate Access Mapping
As a next step, You have to modify the default AAM to include the new HTTPS URL. E.g. from http://intranet.crescent.com to the https://intranet.crescent.com
- Go to: SharePoint 2016 Central Administration >> Click On Application Management
- Click on “Configure alternate access mappings”
- Click on “Edit Public URLs” >> Pick your SharePoint web application >> Enter the HTTPs URL in any of the Zone like “Intranet”
That’s All! We’ve enabled HTTPS on a SharePoint web application now. You can verify if you are able to access the web application in HTTPS by browsing the site URL.
To secure SharePoint 2013 or SharePoint 2016 Central Administration site with HTTPS, refer to this article: Secure SharePoint 2016 Central Admin from HTTP to HTTPS using SSL Certificate