Logo 
Search:

Sharepoint Forum

Ask Question   UnAnswered
Home » Forum » Sharepoint       RSS Feeds

SSL with SharePoint.

  Asked By: Kiel    Date: Nov 16    Category: Sharepoint    Views: 1165

I am trying to enable SSL on a SharePoint server and just don't seem to be
able to get it right. SSL works from our "intranet", we can both upload and
download documents. But when I enable SSL the clients who use the
"extranet" SharePoint server (same one that is used for the intranet) can
only download. What does not make a lot of sense is that with SSL enabled
downloading, and uploading documents still works for the intranet. I am
following the "extranet" white paper from Microsoft to install SSL. The
other interesting thing that we notice is that even though I have told the
server it must use SSL for all communications from the intranet you can
still use SSL, or not use SSL. After loading the SSL certificate I run the
script given in the white paper, "cscript adsutil.vbs set
W3SVC/3/securebindings 137.80.5.34:443:eaimportal.hqisec.army.mil". You
also have to go to the portal for each individual workspace and set it to
"Low (IIS Process)" to prevent a dashboard error.

Does any one have any suggestions about how to get SSL working for an
extranet?

Share: 

 

13 Answers Found

 
Answer #1    Answered By: Jignesh Pitale     Answered On: Nov 16

I was successful in setting SharePoint for Extranet with SSL many times.
It is tricky but it works.

Are you getting a specific error message when uploading  document ?

Also you have to make sure you force security at the virtual directory
(workspace level) in addition to the server  level

What we also noticed is that Sharepoint doesn't like home grown
certificate. We were unsuccessful to make it work consistently unless we
used certificates from commercial authority like Verisign

 
Answer #2    Answered By: Ravish Patel     Answered On: Nov 16

Well if you are trying to upload  files and you get no error message at
all maybe is your authentication and the extranet  users are not
authenticated on the server  correct. Unless you have anonymous access
in you IIS and everyone as authors in your SPS which doesn't make any
senses.

 
Answer #3    Answered By: Satyajit Kabadagi     Answered On: Nov 16

Did you make sure that there are write permissions on the workspace
virtual dir for the ssl  site? This one got me for a while.

 
Answer #4    Answered By: Kameron Richmond     Answered On: Nov 16

Can you expand on this point? None of my virtual directories have the
write permission checked on the Home Directory Tab. Are you talking
about somewhere else?

 
Answer #5    Answered By: Kenton Ewing     Answered On: Nov 16

If you check the default website, the workspacename virtual dir will
have write allowed. You need this on the other websites, as well as
the "SharePoint Portal Server" virtual dir. You also need: 1 ip
address for each permission type/website like intranet  gets ip1,
extranet gets ip2. These should be the only ip addresses assigned to
the new websites. You also need the default web site with "all
unassigned" for an ip address for the mmc to work. the intra/extra
net sites need the FQDNs (And only the )assigned to the host headers.

 
Answer #6    Answered By: Lindy England     Answered On: Nov 16

I'm currently having problems with my SSL site. When you use the extranet  tool
and it sets up a new web site, is this new site linked back to the default web
site in anyway? Can I stop my default web site without affecting the new site?
The problem I'm having is that it's been running fine since monday, but then my
network admin recommended that I stop the default web site and since I did that,
it has not worked since. I need help badly.

 
Answer #7    Answered By: Upbrave C# expert     Answered On: Nov 16

I don't believe you can stop the default site.

 
Answer #8    Answered By: Sylvia Barrett     Answered On: Nov 16

You can stop the Default Web Site, when you use the extranet  tool, it
will create a new web site. The new web site shoudl isolated from the
Default Web Site and the new extranet site should function without the
Default Web Site\

The only problem when stopping the default web site is the SPS MMC add
in will stop working but everything else should !

 
Answer #9    Answered By: Cody Hinton     Answered On: Nov 16

Have you configured IIS to require SSL on the Intranet website?

 
Answer #10    Answered By: Vicky Gillespie     Answered On: Nov 16

We are getting a generic "denied access" when we try to upload  a document.
It is not a page that gets thrown up, but an message in red on the
SharePoint page that the upload is to take place on. It is as if the access
rights (reader, author, etc...) that we have set up are all forced to
"reader". We even went from the workspace level all the way to the folder
reasserting rights, and we still get the same denied access, even when we
logon as workspace coordinator.

When you say "server level" do you mean at the extranet  level (FQDN)?

Our SSL certificate  is from DISA (Defense Information System Agency); do you
think that qualifies as a "home grown" certificate? If it is we might
consider going to Verisign and getting one of their SSL certificates.

At least we know that some one has got SSL working with SharePoint. I was
beginning to wonder if SSL and SharePoint worked at all.

 
Answer #11    Answered By: Clara Heath     Answered On: Nov 16

I had the same problem with the red access denied. The only solution we
found was to update the certification chain on the Sharepoint Server to
trust the certificate  Authority in your case DISA but even so, we had
some intermittent issues.

I know Microsoft is recommending only using Certificate from Trusted
Authority.

So to be on teh safe side, I will recommend that you buy a certificate
from a trusted authority. In the case of our client, it solved the
problem immediately

 
Answer #12    Answered By: Babita Rajak     Answered On: Nov 16

Try installing the root certificate  per instructions at
http://www.ansoc.army.mil/pki/installroot.htm

 
Answer #13    Answered By: Erica Lewis     Answered On: Nov 16

I don't think it has to do with the certificate. Problems with the
cert cause failures to get to the site, not the read only stuff he's
seeing. You generic dashboard errors or failure to execute scripts
(dashboards looking like file listings rather than content).

 
Didn't find what you were looking for? Find more on SSL with SharePoint. Or get search suggestion and latest updates.




Tagged: