Microsoft Sharepoint Products and Technologies Resource Kit eBook

Chapter 27: Securing an Extranet Using SSL and Certificates 735
You should test that you can access the home page of the portal site from the
browser by using HTTPS with the common name of your server farm. This time, you
should not receive a security alert stating that the certificate name is invalid or does
not match the name of the site when you access the portal site with HTTPS.
To test SSL from the index management server
Before you perform the following steps, verify that the index management
server has access to the front-end Web servers over the port that you have specified
for SSL, such as the default port 443. This is especially important for perimeter network
(also known as DMZ, demilitarized zone, and screened subnet) deployments
or segmented-network deployments.
To view your portal site from the index management server, open a new browser
window, and type the HTTPS URL for the portal site that is on the primary front-end
Web server or the computer that hosts the parent portal site for shared services.
As before, you can ignore the warning “Revocation information for the security
certificate for this site is not available.” It signifies that your server is unable to connect
to the certificate server to verify that the certificate you just obtained has not
been revoked. To continue, click Yes.
If an authentication prompt appears, type your user name and password, and
then click OK. The home page of the portal site should be displayed.
If you receive a certificate warning that states, “The security certificate was
issued by a company you have chosen not to trust,” you must install the Trust Root
Authority, as described in “Obtaining and Installing the Certificate Authority Root” in
the “Troubleshooting” section at the end of this chapter. If you receive any other
warning, review the steps you used to create and install the certificate, and try again.
To modify settings to update search
We will now modify SharePoint Portal Server settings so that the content from
the SSL-protected portal site is included in the index.
As before, Default Web Site in IIS is our portal site. To include content from the
SSL-protected portal site in the index, first you modify the alternate portal site access
settings to use HTTPS, as follows:
1. On the SharePoint Portal Server Central Administration for server_name page,
in the Portal Site and Virtual Server Configuration section, click Configure
alternate portal site URLs for intranet, extranet, and custom access.
2. On the Configure Alternate Portal Access Settings page, rest the pointer on
Default Web Site, click the arrow that appears, and then click Edit on the
menu that appears.
3. On the Change Alternate Access Setting page, in the Default URL box, change
http to https, and then click OK.