SharePoint & SSL

Back in October I  was tasked with installing an Intranet / Extranet for a customer.  Installing and configuring the SharePoint was all done, the customer however required secure communication over the extranet so external users could communicate securely over http.
This blog article will detail how I set up SSL (Secure Socket Layer) and shall furthermore describe how SSL works.

Firstly, I extended the Intranet URL to the Extranet Zone.  This ensured that the external users could access the same information as Internal Users.
(When you extend a zone, SharePoint automatically creates an Alternate Access Mapping (AAM) , this basically tells SharePoint how to map the request to a URL)

1. Highlight the web application you wish to extend and select the extend tab from the ribbon


2. From the Next screen I populated the following fields

Ensure the Extended zones is on Port Is 443

Ensure the Extended Zones is configured to run on SSL


Check the URL and the zone is correct

Once you Click OK – SharePoint will create an additional zone for you in IIS (as below)5.IIS

Once your IIS site is created, you can attach you Certificate to the site.

3. To create the Certificate, in IIS click ‘Create Certificate Request’


Populate the Distinguished Name Properties (as below) and Click Next


Save the .txt file. The txt should be used to request the certificate from a verified issuer such as VeriSign or GoDaddy.

3. Once your certificate .cer file is on the web server , right click it and select Install Certificate. (If you have multiple WFE servers, do this step on all of them)

4. Ensure the certificate is imported onto the Local Machine and placed in the Personal Store.


5. Head back into IIS and double click Server Certificates.


Your Certificate will be visible.

6. Go back to the extended SharePoint Site, Right Click and select Edit Bindings

select Edit

Select your certificate from the SSL dropdown and Select OK.

7. Your Certificate is now attached to your Web Application.

(Move the Certificate into the Trusted Authority Store)

8. Navigate to your Extended SharePoint site and assuming you have your DNS records set up; it should load with problems with the green padlock 🙂 (as below)


Now having set all that up; what does attaching a certificate to the SharePoint server actually do?

1. Your computer  makes a request to access the site

2. The server where the certificate is installed for  issues a Public Key to the requesting computer.

3.Your  Computer then encrypts the data with the Public Key (that was sent from the server)  and sends data back to the server.

4. The Server then decrypts the data using the Private Key – and only the server with the Private Key can decrypt the data..
If anyone intercepts the data in between, the data will be ‘Jibberish’.  The Private Key is the only way the data can be decrypted.

3 thoughts on “SharePoint & SSL”

  1. Hey. This blog is really helpful and gave me an exact step by step breakdown of what I had to do. It was like I had an expert by my side talking me through it, step by step!! I will definitely be sharing this with my friends and colleagues. Keep you the good work guys and we’ll be back for more!!

Leave a Reply

Your email address will not be published. Required fields are marked *