Setup HTTPS access on Multi Tenant mode
-
Tuesday, August 07, 2012 3:01 AM
Hi All,
We are in the middle of setting up a Multi-Tenant SharePoint 2010 deployment, and have been following the instructions and scripts in this tutorial. http://www.harbar.net/articles/sp2010mt1.aspx I am up to the last part about provisioning tenants, and noticed that this script only provisions them under HTTP. We would like them to access the site via HTTPS instead. Should I have done something else differently in the initial setup to be able to do this, and can i fix that now?
Thanks,
Tim
All Replies
-
Tuesday, August 07, 2012 3:21 AMModeratorCreate your Web Application using SSL. Then, just modify the script to use https:// instead of http://.
http://sharepoint.nauplius.net
-
Tuesday, August 07, 2012 3:25 AMIn the instructions given in the tutorial noted in the OP, is the web app the whole Hosted area, or is it individual to each tenant? That is what I wasn't sure about.
-
Tuesday, August 07, 2012 3:26 AMModerator
When creating your Web Application, use SSL (or just add it after the fact if you're already done):
http://www.harbar.net/articles/sp2010mt4.aspx
When provisioning each tenant, use SSL by replacing http:// with https://
http://www.harbar.net/archive/2010/09/14/sp2010mt6.aspx
http://sharepoint.nauplius.net
-
Tuesday, August 07, 2012 4:48 AM
I added SSL to the Web Application as described here: http://blogs.msdn.com/b/sowmyancs/archive/2010/02/12/how-to-enable-ssl-on-a-sharepoint-web-application.aspx was this the right way of doing it?
I changed the script to use HTTPS, and it failed for every site that it needed to create. Error text below.
WARNING: The port specified for the new host header site does not match any known bindings in the specified Web Application. The new site will not be accessible if the Web Application is not extended to an IIS Web Site serving this port. New-SPSite : <nativehr>0x80070057</nativehr><nativestack></nativestack> At C:\Users\administrator.Hoster\Documents\SPProvisionTenants.ps1:43 char:15 + New-SPSite <<<< -url "https://$customerURLPrefix.Hoster.net.au" -SiteSubscription $sub -HostHeaderWebApplicati on $webApp -owneralias $customerTenantAdmin -owneremail $customerTenantAdminEmail -template sts#0 + CategoryInfo : InvalidData: (Microsoft.Share...SPCmdletNewSite:SPCmdletNewSite) [New-SPSite], ArgumentE xception + FullyQualifiedErrorId : Microsoft.SharePoint.PowerShell.SPCmdletNewSite Creating Tenant Admin site... WARNING: The port specified for the new host header site does not match any known bindings in the specified Web Application. The new site will not be accessible if the Web Application is not extended to an IIS Web Site serving this port. New-SPSite : Cannot create host header site at 'https://Hoster.Hoster.net.au/admin' until a site exists at the root of the specified URI . Please create a host header site at 'https://Hoster.Hoster.net.au/' and try again. At C:\Users\administrator.Hoster\Documents\SPProvisionTenants.ps1:47 char:15 + New-SPSite <<<< -url "https://$customerURLPrefix.Hoster.net.au/admin" -SiteSubscription $sub -HostHeaderWebApp lication $webApp -owneralias $customerTenantAdmin -owneremail $customerTenantAdminEmail -template tenantadmin#0 -Admini strationSiteType TenantAdministration + CategoryInfo : InvalidData: (Microsoft.Share...SPCmdletNewSite:SPCmdletNewSite) [New-SPSite], ArgumentE xception + FullyQualifiedErrorId : Microsoft.SharePoint.PowerShell.SPCmdletNewSite Tenant has SharePoint Server features Creating My Site Host... WARNING: The port specified for the new host header site does not match any known bindings in the specified Web Application. The new site will not be accessible if the Web Application is not extended to an IIS Web Site serving this port. New-SPSite : Cannot create host header site at 'https://Hoster.Hoster.net.au/mysites' until a site exists at the ro ot of the specified URI . Please create a host header site at 'https://Hoster.Hoster.net.au/' and try again. At C:\Users\administrator.Hoster\Documents\SPProvisionTenants.ps1:55 char:19 + New-SPSite <<<< -url "https://$customerURLPrefix.Hoster.net.au/mysites" -SiteSubscription $sub -HostHeader WebApplication $webApp -owneralias $customerTenantAdmin -owneremail $customerTenantAdminEmail -template SPSMSITEHOST#0 + CategoryInfo : InvalidData: (Microsoft.Share...SPCmdletNewSite:SPCmdletNewSite) [New-SPSite], ArgumentE xception + FullyQualifiedErrorId : Microsoft.SharePoint.PowerShell.SPCmdletNewSite Configuring Tenant Profile Config... Add-SPSiteSubscriptionProfileConfig : Object reference not set to an instance of an object. At C:\Users\administrator.Hoster\Documents\SPProvisionTenants.ps1:60 char:44 + Add-SPSiteSubscriptionProfileConfig <<<< -id $sub -SynchronizationOU $customerName -MySiteHostLocation "http s://$customerURLPrefix.Hoster.net.au/mysites" -MySiteManagedPath "/mysites/personal" -SiteNamingConflictResolution "N one" -ProfileServiceApplicationProxy $upaProxy + CategoryInfo : InvalidData: (Microsoft.Offic...ddProfileTenant:SPCmdletAddProfileTenant) [Add-SPSiteSub scriptionProfileConfig], NullReferenceException + FullyQualifiedErrorId : Microsoft.Office.Server.UserProfiles.PowerShell.SPCmdletAddProfileTenant Creating Content Type Gallery... WARNING: The port specified for the new host header site does not match any known bindings in the specified Web Application. The new site will not be accessible if the Web Application is not extended to an IIS Web Site serving this port. New-SPSite : Cannot create host header site at 'https://Hoster.Hoster.net.au/cthub' until a site exists at the root of the specified URI . Please create a host header site at 'https://Hoster.Hoster.net.au/' and try again. At C:\Users\administrator.Hoster\Documents\SPProvisionTenants.ps1:64 char:19 + New-SPSite <<<< -url "https://$customerURLPrefix.Hoster.net.au/cthub" -SiteSubscription $sub -HostHeaderWe bApplication $webApp -owneralias $customerTenantAdmin -owneremail $customerTenantAdminEmail -template sts#0 + CategoryInfo : InvalidData: (Microsoft.Share...SPCmdletNewSite:SPCmdletNewSite) [New-SPSite], ArgumentE xception + FullyQualifiedErrorId : Microsoft.SharePoint.PowerShell.SPCmdletNewSite Configuring Tenant Content Type Gallery... WARNING: Failed to activate the ContentTypeHub feature on the hub site. Please manually activate the feature to ensure the Metadata Web Service Application can work properly. Activating Content Type Hub... Enable-SPFeature : The Web application at https://Hoster.Hoster.net.au/cthub could not be found. Verify that you ha ve typed the URL correctly. If the URL should be serving existing content, the system administrator may need to add a n ew request URL mapping to the intended application. At C:\Users\administrator.Hoster\Documents\SPProvisionTenants.ps1:72 char:25 + Enable-SPFeature <<<< -Identity ContentTypeHub -url "https://$customerURLPrefix.Hoster.net.au/cthub" + CategoryInfo : InvalidData: (Microsoft.Share...etEnableFeature:SPCmdletEnableFeature) [Enable-SPFeature ], FileNotFoundException + FullyQualifiedErrorId : Microsoft.SharePoint.PowerShell.SPCmdletEnableFeature Tenant Provisioned! Id Sites -- ----- 9f9a1584-fde0-4d09-b252-ca18b956f717 {} PS C:\Users\administrator.Hoster\Documents> New-SPSite -Url "https://Hoster.Hoster.net.au" -SiteSubscription 9f9a1 584-fde0-4d09-b252-ca18b956f717 -HostHeaderWebApplication "SharePoint Hosting" -OwnerAlias "Hoster\administrator1" -Ow nerEmail administrator@Hoster.net.au -Template sts#0 New-SPSite : The specified SPSiteSubscription object could not be found. At line:1 char:11 + New-SPSite <<<< -Url "https://Hoster.Hoster.net.au" -SiteSubscription 9f9a1584-fde0-4d09-b252-ca18b956f717 -Host HeaderWebApplication "SharePoint Hosting" -OwnerAlias "Hoster\administrator1" -OwnerEmail administrator@Hoster.net. au -Template sts#0 + CategoryInfo : InvalidArgument: (Microsoft.Share...SPCmdletNewSite:SPCmdletNewSite) [New-SPSite], Argum entException + FullyQualifiedErrorId : Microsoft.SharePoint.PowerShell.SPCmdletNewSiteAm I missing something obvious?
-
Monday, August 13, 2012 7:04 AMOK, it looks like what I did to try and setup HTTPS didn't work. I managed to get a site setup, but only using HTTP. As this will be accessible over the internet, we need it to use HTTPS. Have you got a link to an article I can follow to get this set up right?
-
Saturday, August 18, 2012 5:03 AMI managed to work out what was going wrong and why it wasn't working properly. I had put the https reference in the wrong spot. For some reason I had put the settings as an intranet setting and not the default. Changing the default allowed the sites to come up using https. But now I am having a different issue where another part of the script isn't working, but I will post this later as I don't have the error in front of me.
-
Monday, August 20, 2012 7:09 AM
Hello Tim,
Thank you for your post. Good to know that you found out the details. Looks like you had Extended & mapped the Site to SSL & not created a Web-application using SSL which is required , You can deploy on SSL simply altering the port and using the -SecureSocketsLayer switch. So you have to Create the Web-app as HTTPS & move that URL going forward ..
$webApp = New-SPWebApplication -ApplicationPool $waAppPoolName -ApplicationPoolAccount
$waAppPoolAccount -Name $webAppName -Port 443 -SecureSocketsLayer -AuthenticationProvider $authProvider -DatabaseName $contentDBNamehttp://technet.microsoft.com/en-us/library/cc288637.aspx#section6
To configure SSL for host-named site collections, enable SSL when creating the Web application. This will create an IIS Web site with an SSL binding instead of an HTTP binding. After the Web application is created, open IIS Manager and assign a certificate to that SSL binding. You can then create site collections in that Web application
Also , when provisioning each tenant, use SSL by replacing http:// with https://
http://www.harbar.net/archive/2010/09/14/sp2010mt6.aspx
Thanks..
Regards,
Manas Biswas
Microsoft Online Community Support
Please remember to click 'Mark as Answer' on the post that helps you or click 'Unmark as Answer' if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.- Edited by Manas-MSFTMicrosoft Employee Monday, August 20, 2012 7:12 AM
-
Monday, August 20, 2012 11:53 AM
Try to install SSL like below mentioned
http://salaudeen.blogspot.in/2012/03/configuring-ssl-certificates-in.html
- Edited by Rajkumar Gajji Monday, August 20, 2012 11:53 AM
- Proposed As Answer by Salaudeen Rajack Saturday, September 08, 2012 7:46 PM
