We have a SharePoint Server in a farm with SQL Server and Active Directory Server. and we are trying to create a self-signed certificate for use in SP App. The farm is hosted on CloudShare and we are unsure if the certificate is provided? or if you have manually create one.
if we have to manually create one, can you provide steps on how to do so?
Thanks
You can create a self-sign certificate from IIS for your local development.
Please follow the below url it will help you to create the self-sign certificate
https://blogs.msdn.microsoft.com/shariq/2013/05/07/how-to-set-up-high-trust-apps-for-sharepoint-2013-troubleshooting-tips/
Related
I followed this link https://learn.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-howto-point-to-site-rm-ps#Certificates to create a VPN in Azure. So,
I created a root certificate and uploaded to management portal.
Used PS script to create the VPN
Created client certificate and installed the VPN Client package.
My VPN is working as expected. My question is now can I delete this certificate from management store now ? Is it must to upload the certificate to management store to create this VPN ? How does the authentication works in this case ?
My question is now can I delete this certificate from management store
now ?
By default, we can't delete this certificate.
Is it must to upload the certificate to management store to create
this VPN ?
Yes, we have to upload the certificate to it, it is a by design behavior.
We can publish our public certificate to Internet, we only should keep the private certificate.
How does the authentication works in this case ?
Here a blog about how does certificate-based authentication work, please refer to this link.
you cannot delete the root certificate that you uploaded to Azure. It is used to authenticate the certificates presented by the connecting clients.
We have not been able to Set up Commercial SSL Certificate for SharePoint 2013 Web Application and Site Collections Hosted on Azure after so many attempts.
Our SharePoint 2013 web application and site collections are set up on Azure and we have to use the http://mycompanyname.cloudapp.net domain.
When we try to down the trial VeriSign SSL Certificate, we could not use http://mycompany.cloudapp.net domain so we had to use www.mycompany.com domain to download the Trial SSL Certificate.
As a result, the SSL Certificates were not configured successfully.
Please could you guide me how to Set up Commercial SSL Certificate for SharePoint 2013 Web Application and Site Collections Hosted on Azure?
Thank you very much in advance for your kind advice.
You need to deploy a custom domain that matches the one you registered for your certificate. Depending on how you have deployed your farm you may need to deploy the SSL certificate in a range of locations. I'd start by following this guide: http://azure.microsoft.com/en-us/documentation/articles/cloud-services-configure-ssl-certificate/
I have deployed the thinktecture identity server in the windows azure website role.The issue I am facing is with the SSL certificate.If I don't have a custom domain name I am forced to use *.azurewebsites which already have a certificate from microsoft and the app pool account is not able to read the private key of this certificate so it's throwing an error.
Did someone have the same issue or any ideas about what I can do to resolve it.
Thanks
The SSL and signing certificate don't need to be the same. Use the MS SSL cert (for now) and generate a separate cert for signatures. That cert can then be uploaded so that you can programmatically access it.
During the development, we didn't get the domain binding for our application, so we just use the Azure URL, something like this: xxx.cloudapp.net.
Because we would like our website use HTTPS protocol, we need to use a certificate, just follow the MSDN, we generated the self-signed pfx file using IIS Manager. Before we publish our application to cloud, we upload the pfx file to cloud by the portal page.
So my question is, is above the only way for this situation? Which I means, I need to upload the certificate to cloud manually first, then publish the application? Is there a way I don't need to to this, something like I even not rely on IIS Manager, the cloud can generate a certificate?
Simple answer to your question is No, Azure can't create a certificate for you. But you could do the same.
To elaborate further, let me explain you what's happening behind the scenes. So you have uploaded the PFX certificate in the portal and in your application configuration screen you have specified the thuumbprint of that certificate. When Azure Fabric Controller spins of the VM, it checks for this certificate thumbprint and based on that it fetches the certificate you uploaded previously and installs that certificate. Furthermore it makes changes to the IIS settings does the SSL magic. Now if you want (not sure why) but you could do the same. If we take just development environment, what you could do is write a startup task which would first create a certificate using makecert utility. Then you would write some IIS scripts which will do the SSL magic for IIS.
Yet another thing you could do is automate the deployment of your code using Azure PowerShell Cmdlets. As a part of deployment automation, 1st thing you would do is upload the SSL certificate using Add-AzureCertificate and then create a deployment of your service using New-AzureDeployment.
Apologies for what is probably a question about a simple task but I'm brand new to Azure and a little worried I get this wrong. Actually, I have a new client and don't even have the access yet to their Azure yet have a proper look. The question is:
My new client has an existing MVC application running on IIS within Azure. This application must communicate with a third party SOAP (.asmx) web service that requires parts of the SOAP message to be signed using an SSL digital certificate.
So, I need to install the certificate on Azure. My problem is that the articles I have found deal with securing the website using the certificate and Https - which I don't want.
Can someone please point me to a good article (or show here if simple enough) that shows how to install it for the purpose of communicating with this third party service?
Any help is really appreciated here so that I can hit the ground running.
The approach for installing any certificate is the same. So you would use the same approach as you would for installing SSL certificate. So the steps would be:
Upload the certificate first in the cloud services certificate section. Note down the certificate thumbprint.
In Visual Studio, open up your role's properties and go to "Certificates" tab and specify that certificate thumbprint along with the certificate store location where you want this certificate to be installed.