+ Post New Thread
Results 1 to 12 of 12
Windows Server 2008 R2 Thread, Sharepoint 2010/TMG SSL in Technical; I'm not sure if this is the right place to put this post but wasn't too sure where else I ...
  1. #1
    craigg's Avatar
    Join Date
    Feb 2008
    Location
    Birmingham, UK
    Posts
    175
    Thank Post
    15
    Thanked 9 Times in 6 Posts
    Rep Power
    15

    Sharepoint 2010/TMG SSL

    I'm not sure if this is the right place to put this post but wasn't too sure where else I could post.

    We currently have a sharepoint 2010 farm running internally which is then accessed externally via our TMG server.

    I have got SSL working on the web listener for our main sharepoint domain sharepoint.cadcol.ac.uk but my issue is getting our My Site setup to use the same certificate.

    I have been informed by our certificate service that they don't support wildcards unless it is on a subdomain, which we don't want.. so that leaves me with SAN certificates.

    Has anyone done it this way? Or know of any information that would help?


    Thanks in advance

  2. #2
    apearce's Avatar
    Join Date
    Feb 2008
    Location
    Birmingham
    Posts
    413
    Thank Post
    34
    Thanked 175 Times in 110 Posts
    Rep Power
    43
    is your SharePoint 2010 Mysites in the same web app?

  3. #3

    Join Date
    Feb 2007
    Location
    Wolverhampton
    Posts
    330
    Thank Post
    18
    Thanked 35 Times in 33 Posts
    Rep Power
    21
    Internally, what address are your users connecting to access MySite?

  4. #4
    craigg's Avatar
    Join Date
    Feb 2008
    Location
    Birmingham, UK
    Posts
    175
    Thank Post
    15
    Thanked 9 Times in 6 Posts
    Rep Power
    15
    Hi guys,

    sorry its taken a while to get back.

    Apearce:

    I believe I have created a seperate webapp for my site with the AAM of my.cadcol.ac.uk

    Deano

    I am trying to keep our internal and external URLS the same so internally staff would use sharepoint.cadcol.ac.uk & my.cadcol.ac.uk

    Hope that answers your questions!

    Thanks for replying

  5. #5
    apearce's Avatar
    Join Date
    Feb 2008
    Location
    Birmingham
    Posts
    413
    Thank Post
    34
    Thanked 175 Times in 110 Posts
    Rep Power
    43
    Quote Originally Posted by craigg View Post
    Hi guys,

    Apearce:

    I believe I have created a seperate webapp for my site with the AAM of my.cadcol.ac.uk
    Thanks for replying
    You should have a seperate certificate in the listener for my.cadcol.ac.uk.

    You can't do it all on the same certificate.

  6. #6
    craigg's Avatar
    Join Date
    Feb 2008
    Location
    Birmingham, UK
    Posts
    175
    Thank Post
    15
    Thanked 9 Times in 6 Posts
    Rep Power
    15
    OK, that makes sense.

    I have got the two urls running on the same listener. The only issue is - doesnt tmg moan if you try and create a new listener with the same port and IP address?

  7. #7
    apearce's Avatar
    Join Date
    Feb 2008
    Location
    Birmingham
    Posts
    413
    Thank Post
    34
    Thanked 175 Times in 110 Posts
    Rep Power
    43
    you want one listener with 2 rules.

    The listener does the authentication but needs to know the URL, IP and if you are running https it also needs to the certificate.

    You then point the rules one for sharepoint home and one for my at the same listener so you also get single sign on.

  8. #8
    craigg's Avatar
    Join Date
    Feb 2008
    Location
    Birmingham, UK
    Posts
    175
    Thank Post
    15
    Thanked 9 Times in 6 Posts
    Rep Power
    15
    I ment to say rules before not urls ha.

    So to clarify - I have two rules - 1: sharepoint 2: my both assigned to one listener.

    I've got the sso set in the listener - but am unsure where i add the second certificate for "my". Or does that just sit on the server?

    Sorry if im getting lost here.

  9. #9
    apearce's Avatar
    Join Date
    Feb 2008
    Location
    Birmingham
    Posts
    413
    Thank Post
    34
    Thanked 175 Times in 110 Posts
    Rep Power
    43
    this is off the top of my head - I can't remember but i think its the listener - if its not - its the rule.

    My heart is telling the listener

  10. #10
    craigg's Avatar
    Join Date
    Feb 2008
    Location
    Birmingham, UK
    Posts
    175
    Thank Post
    15
    Thanked 9 Times in 6 Posts
    Rep Power
    15
    You do assign the certificate in the listener.. the only issue is that it only gives you the option to assign a single cert for the web listener or one for each ip address. It doesn't give the option to add a second certificate.

    I just forwarded your url to our web dev. He said he met you the other week at walsall. Small world.

  11. #11
    apearce's Avatar
    Join Date
    Feb 2008
    Location
    Birmingham
    Posts
    413
    Thank Post
    34
    Thanked 175 Times in 110 Posts
    Rep Power
    43
    Quote Originally Posted by craigg View Post
    You do assign the certificate in the listener.. the only issue is that it only gives you the option to assign a single cert for the web listener or one for each ip address. It doesn't give the option to add a second certificate.

    I just forwarded your url to our web dev. He said he met you the other week at walsall. Small world.
    I need to be infront of a box to see it - I'll start install a TMG box later today.

  12. Thanks to apearce from:

    Trapper (16th February 2011)

  13. #12
    craigg's Avatar
    Join Date
    Feb 2008
    Location
    Birmingham, UK
    Posts
    175
    Thank Post
    15
    Thanked 9 Times in 6 Posts
    Rep Power
    15
    Issue solved!

    I created a SAN certificate using the custom request option from within the Certificates MMC. So now i can use a single cert for both sites.

    Thanks for all your help!

SHARE:
+ Post New Thread

Similar Threads

  1. Problem with TMG, RDWeb and SSL
    By Gatt in forum Internet Related/Filtering/Firewall
    Replies: 10
    Last Post: 29th November 2010, 07:26 PM
  2. TMG 2010 Proxy Authentication
    By localzuk in forum Internet Related/Filtering/Firewall
    Replies: 1
    Last Post: 4th November 2010, 10:37 AM
  3. Microsoft TMG 2010 Client
    By neilault in forum Internet Related/Filtering/Firewall
    Replies: 6
    Last Post: 16th October 2010, 12:50 PM
  4. TMG 2010 URL Filtering
    By GoldenWonder in forum Internet Related/Filtering/Firewall
    Replies: 11
    Last Post: 14th October 2010, 11:06 AM
  5. TMG 2010 publishing
    By localzuk in forum Windows Server 2008 R2
    Replies: 5
    Last Post: 27th September 2010, 01:11 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •