Alexander Anikin's blog

My personal blog

How to Create a Certificate for a SharePoint 2010 Web Application with SSL


  1. First, create the certificate that the web application will use

    1. Go to the SharePoint web front end server and open IIS Manager

    2. Click on the web server, then find and open “Server Certificates” in its properties

    3. Click on “Create Certificate Request…”

    4. Provide the “Distinguished Name Properties” (the common name is the name of the certificate in the store) and then click the “Next” button

    5. Select the “Cryptographic service provider” and “Bit length” and then click the “Next” button

    6. Specify a file name and save the certificate request

    7. Go to Active Directory Certificate Services: in a browser, open http://<domain_controler>/certsrv

    8. Click on “Request a certificate”, then click on “advanced certificate request”, then click on “Submit a certificate request by using a base-64-encoded CMC or PKCS#10 file, or submit a renewal request by using a base-64-encoded PKCS#7 file”

    9. Copy the base-64-encoded request from the file that was created in step 6

    10. Paste it into the “Saved Request” text area, select the “Web Server” item in the “Certificate Template” drop-down list and then click the “Submit” button

    11. Check the “Base 64 encoded” radio button and then click “Download certificate”

    12. Install the certificate to the “Trusted Publishers” store

    13. Go to the server certificates in IIS Manager again and click on “Complete Certificate Request”, specify the path to the certificate and the friendly name (the site host header), then click the “OK” button

Result: the certificate is created and added to the IIS server certificates (the name of the certificate is the site host header).

Note: repeat all steps on every web front end server to create a certificate on each machine.
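The request, submission and completion steps above can also be run from an elevated PowerShell prompt with `certreq`, which makes them easier to repeat on each web front end. This is an added example, not part of the original post; the host header `portal.contoso.local`, the CA config string and the working folder are constructed placeholders, and `WebServer` is assumed to be the name of the “Web Server” template on your CA.

```powershell
# Added example: command-line equivalent of the IIS Manager / certsrv steps.
# Constructed placeholder values (assumptions): replace with your own.
$HostHeader = 'portal.contoso.local'           # must equal the web application's host header
$CAConfig   = 'dc01.contoso.local\Contoso-CA'  # "<CA server>\<CA name>"
$Work       = Join-Path $env:TEMP 'sp-ssl'
New-Item -ItemType Directory -Path $Work -Force | Out-Null
$Csr = Join-Path $Work 'request.csr'
$Cer = Join-Path $Work 'issued.cer'

# Same choices as the "Distinguished Name Properties" and
# "Cryptographic service provider" / "Bit length" dialogs.
$inf = @'
[Version]
Signature = "$Windows NT$"

[NewRequest]
Subject = "CN={0}"
FriendlyName = "{0}"
KeyLength = 2048
KeySpec = 1
Exportable = FALSE
MachineKeySet = TRUE
ProviderName = "Microsoft RSA SChannel Cryptographic Provider"
ProviderType = 12
RequestType = PKCS10

[EnhancedKeyUsageExtension]
OID = 1.3.6.1.5.5.7.3.1
'@ -f $HostHeader
Set-Content -Path "$Work\request.inf" -Value $inf -Encoding ASCII

# Create the PKCS#10 request; the private key never leaves the machine store.
certreq -new "$Work\request.inf" $Csr
if ($LASTEXITCODE -ne 0) { throw 'certreq -new failed' }
# Submit to the CA using the "Web Server" template.
certreq -submit -config $CAConfig -attrib 'CertificateTemplate:WebServer' $Csr $Cer
if ($LASTEXITCODE -ne 0) { throw 'certreq -submit failed or request is pending' }
# Pair the issued certificate with the pending key ("Complete Certificate Request").
certreq -accept $Cer
if ($LASTEXITCODE -ne 0) { throw 'certreq -accept failed' }

# Check what IIS will bind: name matches the host header and the key is present.
$cert = Get-ChildItem Cert:\LocalMachine\My |
    Where-Object { $_.GetNameInfo('SimpleName', $false) -eq $HostHeader } |
    Sort-Object NotAfter -Descending | Select-Object -First 1
if (-not $cert) { throw "No certificate for $HostHeader in LocalMachine\My" }
if (-not $cert.HasPrivateKey) { throw 'Certificate has no private key; IIS cannot use it for SSL' }
'{0}  expires {1:yyyy-MM-dd}  {2}-bit key' -f $cert.Thumbprint, $cert.NotAfter, $cert.PublicKey.Key.KeySize
```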


  2. Second, create the SharePoint web application

    1. Go to Central Administration, then click “Manage web applications”

    2. Click “New” to create a new web application

    3. Select the “Claims based authentication” option

    4. Specify port 443

    5. Specify the host header (it should match the certificate name)

    6. Select the “Use SSL” option

    7. Select Negotiate (Kerberos) or NTLM (I do not know the differences)

    8. Use a managed account for the application pool (such as “SPAdmin”). This is important because we will make configurations for this account in AD and so on.

    9. Click the “OK” button

    10. Create a site collection


Written by Alex Anikin

December 21, 2010 at 1:44 pm

Posted in Security, Sharepoint
