Forum Discussion
SharePoint 2010 Homepage Not Encrypted
Hi, we have SharePoint 2010 farm with 3 front-end servers load balanced via F5 Big IP. We recently had request that need to encrypt our SharePoint site with SSL. Our F5 admin setup SSL offloading and I follow all the steps in F5-SharePoint setup manual f5-sharepoint-2010-dg.pdf. For some reason our homepage always not encrypted and other areas were encrypted. Why our homepage wasn't encrypted? Are there any additional steps that I need or F5 administrator to configure?
Thanks Tee
- Kevin_Stewart
Employee
If I had to put money on it, I'd say SharePoint's alternate access mapping (AAM) is getting in the way. Three questions:
-
Do you get an immediate redirect to an HTTP:// address when you access via HTTPS://?
-
Do you have an HTTP VIP for this site?
-
Do all of the resources (homepage and other areas) have the same host name and go through the same VIP?
-
- t69_89817
Nimbostratus
-
Do you get an immediate redirect to an HTTP:// address when you access via HTTPS://? No, I don't get redirect. If I enter http:// it will stay this way when I browse sites, pages. Same case for https://
-
Do you have an HTTP VIP for this site? Yes, I believe so since I am able to browse our site via http://.
-
Do all of the resources (homepage and other areas) have the same host name and go through the same VIP? Yes, all the resources had the same host name and go through the same VIP
-
- Kevin_Stewart
Employee
If I enter http:// it will stay this way when I browse sites, pages. Same case for https://
If you go directly to the HTTPS:// version of the homepage, do you stay on the HTTPS:// site? What other indication do you have that the homepage is "always not encrypted"?
- t69_89817
Nimbostratus
If I go to the https:// version of the homepage, it will stay on http://, however, I don't see SSL lock icon:
and if I go to subsite like news: it contain SSL lock icon
- Kevin_Stewart
Employee
Interesting. So if you're certain that everything is going through the same VIP and is using the same host name, can you:
-
Run a capture on the browser side (ie. HTTPWatch or Fiddler) and observe the URLs that the browser is requesting. Are they all HTTPS?
-
Disable the port 80 VIP.
-
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com