locked
Issues publishing Sharepoint 2010 over SSL RRS feed

  • Question

  • UAG 4.0.1752.10000

    Sharepoint 2010

     

    I am able to publish a sharepoint 2010 site over http using UAG, but if i create the trunk using https, the page will not load unless i use the full web address. (This occurs on my laptop lab, and also works Dev Lab)

    SSL Certificate was create using Selfssl7

    e.g

     

    http://blog.testing.com  - Fails (i recieve 2 Certificate prompts, i believe one for my website, then one when it redirects to the portal)

    http://blog.testing.com/default.aspx - Works (1 Certificate prompt)

    https://blog.testing.com - Fails (i recieve 2 Certificate prompts)

    https://blog.testing.com/default.aspx - Works (1 Certificate prompt)

     

    I also found another thread with multiple users having the same issue, but no resolution

    (Just searching for the other thread again)

    (Authentication has been disabled except on the trunk re-direct, if you disable authentication here, W3MP.exe will use all available memory and crash the server...)

     

    Web Monitor output :

    A request on trunk portal; Secure=1 failed because of an unknown application. The URL is /default.aspx. The source IP address is 192.168.5.102. The user is .

     

    http://social.technet.microsoft.com/Forums/en-US/forefrontedgeiag/thread/ee67c854-0d54-44c3-9bfe-13180d48ed0d/

     

    Cheers






    • Edited by Michael.McLaren Wednesday, August 31, 2011 4:24 AM Found similiar issue
    Wednesday, August 31, 2011 4:22 AM

Answers

  • I have re-created the trunk, though i am still having this issue on both environments.

    I would have assumed since it works over http that the AAM settings are not the issue. 

    AAM Settings:

    Internal URL                                    ZONE        PUBLIC URL for Zone

    http://sp01:15003                       DEFAULT        http://sp01:15003

    http://sp01                                   DEFAULT        http://sp01

    http://blog.testing.com                Internet        http://blog.testing.com

    Hi Michael,

    Actually the assumption that the AAM settings are not the issue because "it works over HTTP" is wrong, and the issue is exactly there! :)

    The AAM settings need to be so that the URLs point to whatever it is that you configured UAG to use as the public host name for the SharePoint application. That means that UAG does not have to re-write the URLs and links build by SharePoint.

    In your case, I do not see any AAM setting that has a Public URL starting with https://. However, your UAG trunk is an HTTPS one. So this is an issue.

    So you need to add an additional AAM, which maps the Internal URL http://blog.testing.com to the Public URL https://blog.testing.com

    Regards,

     

     


    -Ran
    • Proposed as answer by MrShannon Thursday, September 8, 2011 8:40 PM
    • Marked as answer by Michael.McLaren Tuesday, November 8, 2011 12:49 AM
    Thursday, September 8, 2011 9:52 AM

All replies

  • Hi Michael,

    You seem to be experiencing quite a lot of issues. I assume that you have some misconfiguration in either or both UAG or/and SharePoint's AAM settings.

    I would recommend that you delete the trunk or at least the SharePoint application published via this trunk, and then configure it again, from scratch, by following the recommendations in this UAG Team Blog post: http://blogs.technet.com/b/edgeaccessblog/archive/2008/10/13/publishing-sharepoint-with-iag-2007-part-3-sharepoint-topologies.aspx (the article was published for IAG, but it is still relevant for UAG).

    Also, if you want, maybe you can post here your AAM settings for the SharePoint application, and the public host names you configured for UAG and the SharePoint application.

    Regards,

     


    -Ran
    Wednesday, August 31, 2011 6:17 AM
  • I have re-created the trunk, though i am still having this issue on both environments.

    I would have assumed since it works over http that the AAM settings are not the issue. 

    AAM Settings:

    Internal URL                                    ZONE        PUBLIC URL for Zone

    http://sp01:15003                       DEFAULT        http://sp01:15003

    http://sp01                                   DEFAULT        http://sp01

    http://blog.testing.com                Internet        http://blog.testing.com

     

    Name :                                            URL

    Central Administration                  http://sp01:15003

    Sharepoint - 80                            http://sp01

    The only "Configurations on the HTTPS trunk made"

    Disabled Installation of Components

    Disabled Authentication

     

    Default Portal Page, assigned to "My Blog" website.

     

    https://blog.testing.com

    Error :

    You are not authorized to access this application.

    For assistance contact the site administrator.

    https://blog.esting.com/default.aspx

    Success

     

    Anyone else have any ideas ?

     

     

     

     



    Monday, September 5, 2011 11:29 PM
  • Anyone have any idea ?
    Thursday, September 8, 2011 8:26 AM
  • Anyone have any idea ?
    Thursday, September 8, 2011 8:26 AM
  • Hi Michael,

    i would recommend to not change the AAM during UAG publishing. So create a https://blog.domain.com AAM for the blog website and then publish the site using SSL-to-SSL bridging.

    Furthermore make sure UAG will use different FQDNs for your Trunk (e.g. trunk.domain.de) and for Blog access (e.g. blog.domain.de). On this way you're allowed to publish the website "/" root of your Blog web site. This will most likely eleminate the "Access Denied" message you see when using not the full address.

    Regarding the certificate messages you see i have no further hints, exept to not use self signed certificate at all^^ :)

    -Kai

     


    • Edited by Kai Wilke Thursday, September 8, 2011 10:26 AM
    Thursday, September 8, 2011 8:39 AM
  • I have re-created the trunk, though i am still having this issue on both environments.

    I would have assumed since it works over http that the AAM settings are not the issue. 

    AAM Settings:

    Internal URL                                    ZONE        PUBLIC URL for Zone

    http://sp01:15003                       DEFAULT        http://sp01:15003

    http://sp01                                   DEFAULT        http://sp01

    http://blog.testing.com                Internet        http://blog.testing.com

    Hi Michael,

    Actually the assumption that the AAM settings are not the issue because "it works over HTTP" is wrong, and the issue is exactly there! :)

    The AAM settings need to be so that the URLs point to whatever it is that you configured UAG to use as the public host name for the SharePoint application. That means that UAG does not have to re-write the URLs and links build by SharePoint.

    In your case, I do not see any AAM setting that has a Public URL starting with https://. However, your UAG trunk is an HTTPS one. So this is an issue.

    So you need to add an additional AAM, which maps the Internal URL http://blog.testing.com to the Public URL https://blog.testing.com

    Regards,

     

     


    -Ran
    • Proposed as answer by MrShannon Thursday, September 8, 2011 8:40 PM
    • Marked as answer by Michael.McLaren Tuesday, November 8, 2011 12:49 AM
    Thursday, September 8, 2011 9:52 AM