将现有Sharepoint 2013 On Premise从http更改为https [英] Changing existing Sharepoint 2013 On Premise from http to https
问题描述
您好,我已阅读了大量文章并搜索网络,试图找出如何将我的Sharepoint网站切换为https。 很多文章互相矛盾,所以我对如何做到这一点感到茫然。 有些网站说我需要取消扩展,然后
重新扩展网络应用程序,其他人说要使用AAM和IIS绑定,但是重置默认区域以使用https存在问题。 请注意,我使用的是主机命名的网站集。无论如何,这就是我拥有的以及我想要实现的目标:
Hello, I've read numerous articles and scoured the net to try and figure out how to switch my Sharepoint sites to https. A lot of articles contradict each other and so I am at a loss on how to do this. Some sites say I need to un-extend and then re-extend the web application, others say to use AAM and IIS bindings but there is an issue with renaming the default zone to use https. Please note that I am using host named site collections. Anyway, this is what I have and what I'd like to achieve:
服务器列表:
1 WFE
1 APP
1 SQL
这是我的网站集列表:
http:// servername - Web应用程序/根网站集 -
使用Windows NTLM身份验证(基于声明) - 此网站未被使用
http://servername - web application / root site collection - Using windows NTLM authentication (Claims Based) - this site is not being used
http://portal.domain.org - 默认区域中的HSNC - (这是我的"Intranet"并使用母版页和自定义)
http://portal.domain.org - HSNC in default zone - (This is my "Intranet" and uses master pages and customization)
http://portal.domain.org/policies/存储库 - 默认区域中具有托管路径的HSNC(用于管理策略的Sharepoint解决方案
和过程)
http://portal.domain.org/policies/repository - HSNC with managed path in default zone (Used for a Sharepoint Solution to manage policies and procedures)
http://portaldev.domain.org - 默认区域(开发站点)中的HSNC
http://portaldev.domain.org - HSNC in default zone (Dev site)
至少,我希望http://portal.domain.org成为https。 如果用户在浏览器中输入http,则应自动将其重定向到https。我不希望用户使用http访问该网站集。
At minimum, I'd like http://portal.domain.org to be https. If a user enters http into the browser it should automatically redirect them to https. I don't want users accessing that site collection using http.
我的想法:
我不能仅使用AAM / IIS绑定,因为它不会在"默认"中设置网址。这是我需要的区域,以便在找不到映射时默认为https。
I can't use AAM/IIS Binding ONLY, because it won't set the URL in the "default" zone which is what I need so that it will default to https when mapping is not found.
如果我没有,我不想使用非扩展和重新扩展到群组。它看起来更复杂,就像更多东西可能出错并且Web服务器上的开销更多。我对这方面的步骤也不是100%肯定。 但是,如果我需要
,我会使用这个。
I don't want to use un-extend and re-extending if I don't have to. It looks more complex, like more things can go wrong and more overhead on the web server. I'm also not 100% positive on the steps for this either. However, I would use this if I needed to.
达到此目的的最佳方法是什么? 我在网上看了很多文章,并没有遇到过我会100%确定的尝试。 请注意 - 我没有测试环境。
What is the best way to achieve this? I've looked at many articles on the web and haven't come across one that I would try with 100% certainty. Please note - I do not have a test environment.
谢谢。
推荐答案
您好
您最初应该拥有https证书。
You should have a https cert at first.
1 。在IE中将证书出口到sharepoint WFE。
1.export the cert to sharepoint WFE in IIS.
2.在iis网站中绑定https网址。
2.binding https url in the iis site.
3.在sharepoint中配置aam。
3.configure aam in sharepoint ca.
然后,您可以访问https网址。
then, you can access the https url.
这篇关于将现有Sharepoint 2013 On Premise从http更改为https的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
