本文详细介绍如何在SharePoint环境中创建并配置高信任应用。包括安装配置SharePoint 2013,设置自签名证书,配置SharePoint信任提供商托管服务器等步骤。
Reference
https://dev.office.com/sharepoint/docs/sp-add-ins/create-high-trust-sharepoint-add-ins
https://dev.office.com/sharepoint/docs/sp-add-ins/package-and-publish-high-trust-sharepoint-add-ins
- Install & configure SharePoint 2013 on-premise (not include) Install & configure provider-hosted server
- Window 2008 / 2012 with IIS and ASP.NET 3.5 / 4.5
- Web Deploy
- Open IIS and highligh <Server name>
- Double-click on Server Certificates in Feature View
- Click on Create Self-signed certificate in Actions
- Specify a name for certificate (HighTrustTest)
- Keep certificate store to Personal
- Click OK to finish
- Back to Feature View
- Right click on the certificate created in step 3 (HighTrustTest) and click Export
- Choose a destionation folder for saving pfx file and provide passowrd
- Back to Feature View
- Double-click on the certificate created in step 3 (HighTrustTest)
- Click Cope to File in Details tab
- Check "No, do not export the private key" in Export Private Key section
- Check "DER encoded binary X.509 (.CER)" in Export File format section
- Copy .cer file to any server in SharePoint farm
- Run below script wit PowerShell
-
$remoteCerPath= "C:\HighTrustTest.cer" $certificate = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($remoteCerPath) New-SPTrustedRootAuthority -Name "HighTrustTestCert" -Certificate $certificate $realm = Get-SPAuthenticationRealm $issuerId = [System.Guid]::NewGuid() ## write down IssueId, will be userd in next $issuerIdentifier = $issuerId.ToString() + '@' + $realm New-SPTrustedSecurityTokenIssuer -Name "High Trust Test Cert" -Certificate $certificate -RegisteredIssuerName $issuerIdentifier -IsTrustBroker IISReset
- Set OAuth over HTTP
-
$serviceConfig = Get-SPSecurityTokenServiceConfig $serviceConfig.AllowOAuthOverHttp = $true $serviceConfig.Update()
扫一扫
17万+
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
