Adding SSL support to an existing WSS 3.0 (SharePoint 2007) site

I developed and configured a WSS 3.0 (Sharepoint 2007) Team discussion site. My initial goal was to compare the capabilities of WSS 3.0 to host forum-like discussions. After I had a firmer grasp of the capabilities of SharePoint 2007 with respect to hosting discussions and AAA security ( Authentication, Authorization and Accounting); I wanted to support SSL. As you might guess, this involved more than simply installing an SSL certificate on my IIS website

The 1st thing that I did was to create and install an SSL certificate for my web site. Afterwards, I went to configure SharePoint.

Most of the published information on this topic has you start with SSL when you Create a Website or Extend a website by publishing the information to a new website within the SharePoint farm. I’d already created the site so I was hoping to avoid this.

After checking through the site settings and then Central Administration settings, I found the Alternate Access Mappings in Central Administration.

  • Open up the Central Administration site
  • Select Operations
  • click Alternate Access Mappings under the Global Configuration section.

The alternate access mappings defines internal URLS, zones and Public URLS that a site will respond to. In my case I wanted my site to be open to port 80 to Office 2007 and IE on the Intranet and use SSL on the internet. After some investigation, I set my mapping as follows:

  • Default zone  — https and the FQDN of my website and SSL certificate.
  • Intranet zone — http and my webserver’s computername.
  • Internet zone — http and the FQDN of my website site.

These seem to be working pretty well, I’ll update this post if I learn anything more.

It appears, that if your webserver server hosts multiple SharePoint sites, then you would need to supply alternative mappings for any additional sites that you want to respond to SSL.


Be Sociable, Share!
This entry was posted in SharePoint, SSL Certificates, WSS and tagged , , , , . Bookmark the permalink.
  • jackinthegreen

    Thanks for the helpful info. I’m in the same boat regarding I need to add an SSL cert, my site is pre-existing, and I have a default site with an extension into the internet zone that uses FBA for access. It appears that you applied the SSL (and thus the cert) to the default site in the AAM and left the internet zone non-SSL, which seems counter-intuitive to me. I had assumed that I would apply the SSL to the internet site in the AAM as well as configure the corresponding IIS site for SSL in the IIS manager as well.

    Can you expand on reasoni for the AAM that you used as well as your corresponding IIS settings?

    Many thanks in advance for any tips!

  • david

    I set the Default Zone to ssl, because I wanted the default access to be ssl. On another SharePoint Farm I have set zones as follows:
    Default zone – http://computername.domain-name
    Intranet zone – http://computername
    Internet zone – https://internetname.domain-name

    From an IIS perspective, I set up the SSL for the SharePoint site as I would any site. I added the SSL port mapping; generated a certificate signing request; I had my certificate signed by Go Daddy; and I installed the signed certificate.

  • Vakhtang

    Excellent !!!!!
    You have saved me hips of time !!!!


  • Craig

    Hi – do you create your SSL certificte on the default site or on the sharepoint site?

  • david

    You can create the SSL certificate on any site. However, the task is easier if you create it on the sharepoint site. This is because other IIS metabase data will automatically be set for you.

  • Mohammed Saleem

    Thanks works like a charm.

  • cheap website design in the midlands

    I believe it is on the list of a whole lot info for me. Exactly what fulfilled researching ones document. Although must observation upon a number of prevalent concerns, The web page style is perfect, the actual posts really is good : Chemical. Great exercise, many thanks