Can I switch SharePoint to https and do not enforce TLS 1.2?

sharepoint.stackexchange https://sharepoint.stackexchange.com/questions/249875

Domanda

I am currently using http and I have not enabled TLS 1.2. Can I switch all web applications to https through IIS and AAM and leave the registry settings without any change (not enforcing TLS 1.2)? Is there any Microsoft guideline regarding this topic?

È stato utile?

Soluzione

Yes you can. You simply add the AAM to the Web App in Central Admin, then modify the IIS binding.

Altri suggerimenti

Even in SharePoint/Windows 2016, TLS1.2 is not enforced by default, TLS1.0 TLS1.1 and TLS1.2 are available to clients. If you want to restrict to TLS1.2 only, you must configure some stuff. I implemented several TLS1.2 only installations and can absolutely recommend it.

Implementing SSL with TLS1.0/1.1/1.2 requires the following steps:

  • Obtain a Certificate with the hostnames used in SharePoint
  • Change AlternateAccessMappings in CentralAdministration
  • Change Bindings in IIS-Manager
  • Optional: Implement a redirect from HTTP to HTTPS
  • Also remember to change several URLs inside SharePoint (Search-Center, MySite-URL in UserProfileService)
  • Check content for absolute links with HTTP
Autorizzato sotto: CC-BY-SA insieme a attribuzione
Non affiliato a sharepoint.stackexchange
scroll top