
SSL & SharePoint


uma

Presentation Transcript


  1. SSL & SharePoint IT:Network:Applications

  2. Agenda • Secure Socket Layer • Encryption 101 • SharePoint Customization • SharePoint Integration

  3. What is Secure Socket Layer? • SSL is the standard technology to create an encrypted link between a web server and a browser. • All data passed between server and client is private • Requires an SSL certificate • Creating an SSL certificate includes: • Completing several questions regarding the identity of your site and company • Web server creates two keys, public and private, known as asymmetric encryption • SSL has been succeeded by Transport Layer Security (TLS), which is based on SSL

  4. Encryption 101 • Single Key (Symmetric) encryption • One “key” or passphrase used to encrypt and decrypt • FAST – good for large amounts of data • How do you get the key across the network? • Ex: AES, DES, DES3 • Advanced Encryption Standard • Data Encryption Standard • Triple DES • Dual key (or Asymmetric or public key) encryption • Two mathematically related keys • Public – used to encrypt / verify signature • Everyone knows public key • Private – used to decrypt / sign • Only sender/receiver have private key • Slower functioning – not applicable for entire files • Ex: RSA, DSA

  5. Encryption 101 Asymmetric Encryption • Alice sends data and encrypts with Bob’s public key • Can give public key to anyone • Bob receives Alice’s encrypted data. • Bob decrypts Alice’s data with private key • Only Bob has private key – Only Bob can decrypt request!
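The two key types from slides 4 and 5 are normally combined: the bulk data is encrypted with a fast symmetric key, and only that key is encrypted with Bob's public key, which answers "How do you get the key across the network?". The following is an added example, not part of the original slides; it goes beyond the slide by adding an integrity check, and assumes Windows with PowerShell 5 or later. The sample plaintext is constructed.

```powershell
$ErrorActionPreference = 'Stop'
$oaep = [System.Security.Cryptography.RSAEncryptionPadding]::OaepSHA256

# Bob generates a 2048-bit RSA key pair and hands out only the public half.
$bobPrivate    = [System.Security.Cryptography.RSACng]::new(2048)
$bobPublicOnly = $bobPrivate.ExportParameters($false)   # $false = no private fields

# Alice loads Bob's public key and creates one-time symmetric keys for this message.
$bobPublic = [System.Security.Cryptography.RSACng]::new()
$bobPublic.ImportParameters($bobPublicOnly)
$aes    = [System.Security.Cryptography.Aes]::Create()  # random 256-bit key and IV, CBC mode
$macKey = New-Object byte[] 32
[System.Security.Cryptography.RandomNumberGenerator]::Create().GetBytes($macKey)

# Bulk data goes through fast AES; an HMAC over IV + ciphertext detects tampering.
$plain  = [System.Text.Encoding]::UTF8.GetBytes('Constructed sample record. ' * 4000)
$cipher = $aes.CreateEncryptor().TransformFinalBlock($plain, 0, $plain.Length)
$hmac   = [System.Security.Cryptography.HMACSHA256]::new($macKey)
$tag    = $hmac.ComputeHash([byte[]]($aes.IV + $cipher))

# Only the 64 bytes of key material go through slow RSA, under Bob's public key.
$wrappedKeys = $bobPublic.Encrypt([byte[]]($aes.Key + $macKey), $oaep)
# Alice sends: $wrappedKeys, $aes.IV, $cipher, $tag

# Bob unwraps the keys with his private key, checks the tag, then decrypts.
$keys    = $bobPrivate.Decrypt($wrappedKeys, $oaep)
$bobHmac = [System.Security.Cryptography.HMACSHA256]::new([byte[]]$keys[32..63])
$check   = $bobHmac.ComputeHash([byte[]]($aes.IV + $cipher))
# Demo comparison only; production code compares tags in constant time.
if ([Convert]::ToBase64String($check) -ne [Convert]::ToBase64String($tag)) {
    throw 'Message was modified in transit'
}
$bobAes     = [System.Security.Cryptography.Aes]::Create()
$bobAes.Key = [byte[]]$keys[0..31]
$bobAes.IV  = $aes.IV
$decrypted  = $bobAes.CreateDecryptor().TransformFinalBlock($cipher, 0, $cipher.Length)

$ok = [Convert]::ToBase64String($decrypted) -eq [Convert]::ToBase64String($plain)
'{0} plaintext bytes, {1} bytes sent through RSA, round trip ok: {2}' -f `
    $plain.Length, $wrappedKeys.Length, $ok
```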

  6. Encryption 101 How do you know it’s my public key? • “Bad” server could claim to be web server for my bank • “Here’s my public key, encrypt your account and send it to me” • Why do we listen to the request? • Sent from a “trusted” site, i.e., a site “resembling” your bank

  7. Encryption 101 Certificates • Digital construct (X.509) that contains my public key and other info • Subject: who owns this key • Valid dates: start and expire • Issuer of certificate • etc. • Issuer is someone we both trust • Browser recognizes issuer, accepts cert • Browser doesn’t recognize issuer, rejects cert • Usually asks User what to do

  8. Encryption 101 How to get a cert • VeriSign, DigiCert, Thawte, GoDaddy, etc. • Pay them and they give you cert • Usually underwritten by big bank – TRUST • Recognized by most browsers – good for outside • Gen your own • e.g., Microsoft Certificate Server (this is what we will do) • Microsoft CA (Certificate Authority) • e.g., OpenSSL – comes with Linux

  9. Encryption 101 Microsoft Certificate Service • Issues certificates for you – Acts as Certificate Authority (CA) • Can implement a CA hierarchy • Root server is at top – issues certs for other CA’s • Subordinate CA • Gets cert from “higher” CA – sort of like introducing it • Issues certs for “lower” CA’s & end servers • Can be Enterprise or Standalone • Enterprise requires a Domain Controller/Active Directory (Domain Member?) • Can automate issuing of some certs • Stand-alone can be on any Microsoft Server • Must do “issuing” yourself

  10. Encryption 101 • Two methods: • Self Signed • Request Certificate

  11. Encryption 101 Request Cert for Web site • Create Request

  12. Encryption 101 • Select Provider

  13. Encryption 101 • Provide Name

  14. Encryption 101 • Certificate for web site request

  15. Encryption 101 Creating Self Signed • Server Certificates • Create Self Signed • Provide name • Edit Site Bindings

  16. Encryption 101 Secure Web! • Browse by https:
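The self-signed steps from slides 15 and 16, scripted, together with the certificate fields and issuer check described on slide 7. This is an added example, not part of the original slides; it assumes an elevated PowerShell 5 or later session on the IIS server, and the site name and host name are placeholders.

```powershell
#Requires -RunAsAdministrator
Import-Module WebAdministration

$siteName = 'Default Web Site'         # assumption: name of the IIS site to secure
$dnsName  = 'sharepoint.example.test'  # placeholder: the host name users browse to

# Slide 15, "Create Self Signed": new certificate in the machine's Personal store.
$cert = New-SelfSignedCertificate -DnsName $dnsName `
    -CertStoreLocation 'Cert:\LocalMachine\My'

# Slide 7: the X.509 fields a browser reads. A self-signed certificate names
# itself as issuer, so Subject and Issuer carry the same name.
$cert | Format-List Subject, Issuer, NotBefore, NotAfter, Thumbprint

# Build the trust chain the way a Windows client does. The result is only true
# when the issuer is present in a trusted root store on this machine.
$chain = [System.Security.Cryptography.X509Certificates.X509Chain]::new()
$chain.ChainPolicy.RevocationMode = 'NoCheck'   # no revocation lookup for this check
$trusted = $chain.Build($cert)
"Chain trusted: $trusted"
$chain.ChainStatus | ForEach-Object { "  $($_.Status): $($_.StatusInformation.Trim())" }

# Slide 15, "Edit Site Bindings": add an https binding on 443 if there is none,
# then attach the certificate to it by thumbprint.
if (-not (Get-WebBinding -Name $siteName -Protocol https -Port 443)) {
    New-WebBinding -Name $siteName -Protocol https -Port 443 -IPAddress '*'
}
$binding = Get-WebBinding -Name $siteName -Protocol https -Port 443
$binding.AddSslCertificate($cert.Thumbprint, 'My')

# Slide 16: the site now answers on https.
"Browse to https://$dnsName/"
```

Clients that do not have this certificate in their trusted root store will show the "issuer not recognized" prompt from slide 7; a certificate requested from a CA that the clients already trust avoids that.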

  17. SharePoint Customization • Site collections: group of Web sites that have the same owner and share administration settings, for example, permissions. When you create a site collection, a top-level site is automatically created in the site collection. You can then create one or more subsites below the top-level site. • Can be created through • Central Administration • PowerShell • SharePoint provides site collection templates for the following categories: • Collaboration • Meetings • Custom
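The PowerShell route from slide 17, as an added example that is not part of the original slides. It assumes it runs on a SharePoint server with farm administrator rights; the URL, owner account and site names are placeholders, and `STS#0` is the Team Site template from the Collaboration category.

```powershell
# Load the SharePoint cmdlets when not running in the SharePoint Management Shell.
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

$url   = 'https://sharepoint.example.test/sites/projects'  # placeholder URL
$owner = 'EXAMPLE\spowner'                                 # placeholder owner account

# List the templates whose names start with STS (Team Site and its variants).
Get-SPWebTemplate | Where-Object { $_.Name -like 'STS#*' } | Format-Table Name, Title

# Create the site collection only if it does not exist yet. SharePoint creates
# the top-level site at $url automatically, with $owner as site collection owner.
if (-not (Get-SPSite -Identity $url -ErrorAction SilentlyContinue)) {
    New-SPSite -Url $url -OwnerAlias $owner -Name 'Projects' -Template 'STS#0' | Out-Null
}

# Subsite that inherits the top-level site's permissions (the default).
New-SPWeb -Url "$url/design" -Name 'Design' -Template 'STS#0' | Out-Null

# Subsite with its own permission set, for content that fewer people should see.
New-SPWeb -Url "$url/contracts" -Name 'Contracts' -Template 'STS#0' `
    -UniquePermissions | Out-Null

# Show the resulting hierarchy and which subsites broke permission inheritance.
$site = Get-SPSite -Identity $url
$site.AllWebs | Format-Table Url, Title, HasUniquePerm
$site.Dispose()
```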

  18. SharePoint Email integration • Configure outgoing mail • SharePoint sends/receives emails for several reasons • Create alerts to track site items such as lists, libraries and documents • Site administrators can receive messages about site administrator issues such as site owners exceeding their storage space

  19. SharePoint Email integration Configure incoming mail • 4 step process • Enable incoming email in SharePoint • Install the SMTP service on one of the SharePoint web servers • Configure Exchange to forward messages to SharePoint • Specify which lists and libraries will be mail enabled • More next week on this topic