How to Change a SharePoint Web Application from HTTP to HTTPS?
Requirement: Enable HTTPS encryption in SharePoint Web Application using an SSL certificate.
How to Configure HTTPS for SharePoint 2016 web applications?
Enabling HTTPS encryption ensures that the communications between users and the SharePoint web site remain secure. This article assumes you have generated CSR and imported the SSL certificate to the IIS. If you need any assistance on these steps, refer to my other article: Configuring SSL Certificates in SharePoint – Step by Step
To configure SharePoint 2013 /SharePoint 2016 for HTTPS, follow these steps:
- Add HTTPS to web application’s IIS binding
- Configure Alternate Access Mapping for the SharePoint Web application.
Step 1: Add HTTPS Binding for the SharePoint Web Application
In SharePoint 2013, to change the web application to HTTPS, you must modify the default AAM to include the new HTTPS URL. Add IIS binding to your SharePoint web application as below:
- Open IIS Manager (Start >> Run >> Type “InetMgr”)
- Expand Sites and Select your target web application from the right tree navigation >> Click on the “Bindings…” link from the right-hand panel. On the Bindings dialog, click on Add…
- In the Add Site Binding dialog, select HTTPS from the Type Dropdown, and leave the IP address as All Unassigned. The Port should say 443. Enter the Hostname as intranet.crescent.com, select the respective SSL certificate you already imported. Click on OK.
Please note, if you run Central Admin on more than one server, you’ll need to assign the SSL certificate to the web site on each machine.
Step 2: Configure Alternate Access Mapping
As a next step, You have to modify the default AAM to include the new HTTPS URL. E.g., from https://intranet.crescent.com to the https://intranet.crescent.com
- Go to: SharePoint 2016 Central Administration >> Click On Application Management.
- Click on “Configure alternate access mappings.”
- Click on “Edit Public URLs” >> Pick your SharePoint web application >> Enter the HTTPs URL in any of the Zone like “Intranet”.
That’s All! We’ve enabled HTTPS on a SharePoint web application now. You can verify if you can access the web application in HTTPS by browsing the site URL.
To secure SharePoint 2013 or SharePoint 2016 Central Administration site with HTTPS, refer to this article: Secure SharePoint 2016 Central Admin from HTTP to HTTPS using SSL Certificate
True. I have tried just adding a mapping and IIS binding, does not work – the SHP site does not show up properly.
Best method and Approach according to MSFT would be to extend the existing http web app to https zone, and then provide the certificate to the subsequent https site which will be created in all the server serving as a web server.