Configuring access - Configuring the Microsoft Windows SharePoint Services connector to run with SSL

You can connect any SSL enabled Internet Information Services (IIS) server and uses Web services.

About this task

The SharePoint connector requires the.NET application to be deployed on the same application server where the SharePoint server is running. This .NET application uses SharePoint APIs and exposes a set of Web services APIs that are used by the connector. If the Internet Information Services (IIS) application server has SSL enabled, then the SharePoint connector also needs to have SSL enabled.

You will need the e-mail that the certificate authority, such as VeriSign, sent you with your certificate and various credentials.

CERT_HOME is the certificate authority's home directory.

To configure the SharePoint connector to run with SSL:

Enable the server to use SSL. By default, the IIS application server runs through HTTP access. You must create a certificate request for the server. The server is the same system where IIS is running.
1. Start the Internet Information Services (IIS) Manager tool.
2. Right click on the Web site and select Properties.
3. Select the Directory Security tab.
4. Go to Secure communications and click Server Certificate.
5. Select Prepare the request now, but send it later.
6. Enter a file name for the certificate. For example: machine1_SSL
7. Add the common name setting. Use the hostname of the system.
8. Fill in the rest of the information accordingly, and click Finish.
Install the certificate from the certificate authority to your Web server.
1. Copy and paste the text from the e-mail you received from the certificate authority and that contains the certificate into a text document. Name the document with the extension .cer.
2. Start the Internet Information Services (IIS) Manager tool.
3. Right-click the Web site, and select Properties.
4. Select the Directory Security tab.
5. Click Server Certificate.
6. Select Process the pending request and install the certificate.
7. When prompted for the certificate file, give the file path to the certificate file that you saved in step 2a.
8. Accept the defaults for the rest of settings. Note the assigned port number.
Enable SSL in the Web server.
1. Start the Internet Information Services (IIS) Manager tool.
2. Right-click the Web site and select Properties.
3. Select the Directory Security tab.
4. Select the Require secure channel (SSL) check box.
5. Restart the Web site. To test the configuration, follow the directions provided in the certificate authority's e-mail as needed for your Web browser, and then try to get the WSDL file that is used by the connector.
Configure the SharePoint connector to use SSL. In the previous step, the client configuration tested was the Web browser. For this step, the client is the connector that consumes Web services.
1. Configure the JVM to use the certificate generated by the certificate authority. Locate the key tool in the JAVA_HOME/bin folder.
2. Verify that the certificate you have is valid. In the tool, enter: keytool -printcert -file $CERT_HOME/certificate.cer.
3. Import the certificate from the certificate authority to your JVM. In the tool, enter keytool -import [-keystore keystore] -file $CERT_HOME/certificate.cer
  The -keystore option tells the key tool to use a particular key store. If none is specified, the tool uses the default key store. On AIX, HP-UX, Linux, and Solaris, the saved file is located in the user.home variable.
4. Verify that the certificate was successfully imported. In the tool, enter: keytool -list
5. Add the following text to the batch file that starts the RMI bridge: $JAVA_HOME/bin/java -Djavax.net.ssl.trustStore=$HOME/.keystore
6. Restart the RMI bridge.
Configure the connector to use HTTPS in the Content Integrator administration tool by setting the SharePoint Web site and Service Asmx settings appropriately.