SharePoint Pals
 | Sign In
How to Create HTTPS/SSL enabled WebApplication with HostHeader in SharePoint 2013 Using PowerShell
by Sathish Nadarajan 9 Jan 2014
Author
SharePoint MVP
Visits   
Today  :   12     Total  :    22773

In some old articles, we saw about creating various types of WebApplications. Hope we are familiar with creating various web applications. Here, I faced another challenge. Thought of sharing that to the Community.

The requirement was something like, I want a web application, whose URL should be like https://MYDevelopmentSite.ss.loc:1000/Sites/MyDeveloperSite instead of https://Servername:1000/Sites/MyDeveloperSite. We may think, that, this is very simple. Even I thought the same thing. That is, this is going to be a straight forward one. But, the problem here is the site is SSL Enabled one.

Let us see, how to create the web application using power shell and discuss about the problem and the error faced later.

 $ap = New-SPAuthenticationProvider
 
 New-SPWebApplication -Name "MyDevelopmentSite" -DatabaseName "WSS_Content_MyDevelopmentSite" -HostHeader "MyDevelopmentSite.DC07.Loc" -Port 4001 -ApplicationPool "MyDevelopmentSite" -ApplicationPoolAccount "DC07\SPFarm" -URL "https://MyDevelopmentSite.DC07.Loc" -AuthenticationProvider $ap –SecureSocketsLayer
 

This will create the WebApplication with a host header. And the URL of the WebApplication would be https://MyDevelopmentSite.dc07.loc:4001/

Let us go to the Central Administration to confirm whether the web app has been created or not.

image

Yes, it got Created.

Now, let us create a Sitecollection on this web application with the below script.

 $template = Get-SPWebTemplate "PRODUCTCATALOG#0"
 
 #$template
 
 New-SPSite -Url "https://MyDevelopmentSite.DC07.Loc:4001/sites/ProductCatalogTestSite" -OwnerAlias "Administrator@dc07.loc" -Template $template -Name "Product Catalog Test Site" 
 

The Site Collection has been created. Now, try accessing the Site Collection by the URL specified above.

image

When try accessing this URL, We can see the below error message.

image

“The Webpage is not available” is a very weird exception. I know, everyone will get angry by seeing this exception. But once, we faced this, then this is a very simple exception.

The reason for this one is, this is SSL enabled. But till now, we haven’t binded any certificate for this web application. Let us do that by going to the IIS. The steps are as follows.

1. Open the inetmgr.

2. Create a SSL. To create, have a look on this article.

3. Bind the Certificate to the WebApplication Created. Refer here to do that.

Once, we done with the binding and try opening the page, again, we may not have smile on our face. The below page will be thrown on our screen.

You attempted to reach mydevelopmentsite.dc07.loc, but instead you actually reached a server identifying itself as C4968397007.DC07.Loc. This may be caused by a misconfiguration on the server or by something more serious. An attacker on your network could be trying to get you to visit a fake (and potentially harmful) version of mydevelopmentsite.dc07.loc.

The screen would be something like

image

When we see this kind of exception, the immediate action item would regarding the Certificate. The Certificate, which we created from our IIS (Self-Signed Certificate) is the one which causes this exception. If you have a look at the Certificate, the “Issued To” would be the Machine Name.

image

Now, we need to change the “Issued To” field. That we cannot do for a self-signed certificate. At that, time, there is no other go, that we need to create a Domain-Certificate. For that, we require the Domain Certificate Authority. We had already seen enough information about the Certificate Authority and the Domain Certificates in the previous posts.

For reference, I am giving the links here.

http://www.sharepointpals.com/post/Installing-Certificate-Authority-by-Active-Directory-Certificate-Services-on-Windows-Server-2008-R2

http://www.sharepointpals.com/post/Creating-a-Domain-Certificate-from-Certificate-Authority-through-IIS-Server

http://www.sharepointpals.com/post/Creating-a-Domain-Certificate-from-Certificate-Authority-through-MMC

Let us Assume that, we are creating the Domain Certificate from IIS itself. Since that is the easiest approach. The important thing we need to note down is the “Common Name”

image

This should match the host header. This is the actual problem.

Then the created certificate would be

image

Now, map this certificate to the web application, which we created and try login.

Thus we created a web application with a host header and mapped that to a Domain Certificate.

image

In the next posts, we will see some more interesting requirements which I faced.

Happy Coding.

Sathish Nadarajan.

blog comments powered by Disqus

SharePoint Pals

Pals
SharePoint Pals, a community portal for SharePoint developers, Administrators and End Users. Let's join hands and share the point together.
Read this on mobile

Training

Angular Js Training In Chennai
Advanced Angular Js training with real world developer scenarios
Angular Js, Web Api and Ionic for .Net Developers
All in one client side application development for .Net developers
Angular Js For SharePoint Developers
Get ready for the future. Its no more just C#

Get Connected

SharePoint Resources

SharePoint 2013 and 2010 Web Parts
Free Web Parts with Source Code for SharePoint Community




SharePoint 2013 Books and Tutorials
Collection of free SharePoint 2013 books and tutorials (eBooks, pdfs)

Supported By

Contribute your article and be eligible for a one month Free Subscription for Plural Sight. The Author of the most popular New Article (published in the previous month) will be awarded with a Free One month Plural Sight Subscription. Article can be sent to articles@sharepointpals.com in a word document.

Related Resources

Recent Tweets

Twitter January 15, 00:25
How To Enable Target Value And Actual Value In #D3 Gauge Chart https://t.co/VxSi4QnNrC

Twitter January 15, 00:24
How To Open #SharePoint List Hyperlink Column In Modal #Popup Window https://t.co/EQ7HkoZDkX

Twitter January 15, 00:24
Quick Introduction To #Asp.NetCore And It’s Features https://t.co/zAXObHCFpH

Twitter January 15, 00:22
How To Configure #PerformancePoint Services To Use Secure Store In #SharePoint 2013 https://t.co/LEwnUoI7EY

Twitter January 15, 00:21
How To Block Or Disable #Office365 Services https://t.co/Yvp2VPFIRP

Follow us @SharePointPals
Note: For Customization and Configuration, CheckOutRecent Tweets Documentation