Setting up HTTPS certificates

If we want to make proper node.js development for our SharePoint applications, we need to enable HTTPS for our project.

Add host name

Before we can create certificates for our development environment, we need to define host name for development site.

Click Search icon and type note too list Notepad.

Select “Run as administrator” from context menu.

SSL_OpenNotepad

Open C:\Windows\System32\drivers\etc folder.

Change File type to All Files.

Select hosts file and click open.

SSL_OpenHostsFile

Add new entry to hosts file with following information: 127.0.0.1 dev.sharepoint.local

SSL_EditHostsFile

Save file and close Notepad.

Creating certificates

I have used OpenSSL toolkit (https://www.openssl.org/) to generate certificates that I use for HTTPS. OpenSSL is open source toolkit, but they only provide source code.

Install OpenSSL client

You can install OpenSSL client from this location. http://slproweb.com/products/Win32OpenSSL.html.

I have used default settings for it so my application is installed to C:\OpenSSL-Win32. If you have installed it do different location, you need to check paths of next commands.

I have used this excellent post from Dieter Stevens as a base of this part of the post. https://blog.didierstevens.com/2015/03/30/howto-make-your-own-cert-with-openssl-on-windows/ He has shown step by step installation of the client so I won’t cover that in this document.

Note that default length for country name is 2 letters.
If your country has three letter country code, you need to change countryName_max value from openssl.cfg file before going forward.

Creating Certificates

When you have installed the client, you need to create a folder for certificates.

Open Command Prompt.

Go to Source folder.

Create DevCertificate folder and go there.

set RANDFILE= C:\Source\DevCertificate\.rnd
set OPENSSL_CONF=C:\OpenSSL-Win32\bin\openssl.cfg

SSL_CreateFolders

Start OpenSSL client

C:\OpenSSL-Win32\bin\openssl

SSL_OpenSSLExecute

genrsa -out ca.key 4096

SSL_OpenSSLCAGenRsa

req -new -x509 -days 1826 -key ca.key -out ca.crt

Country Name: (Enter 2 letter country code for your country).
State: (Enter your state)
Locality Name: (Enter your city)
Organizational Name: (Enter your company). I have added Development after company name, so that nobody actually thinks that this is real certificate.
Organizational Unit Name: (Enter your OU)
Common Name: sharepoint.local
Email address: (Enter your email address)

SSL_OpenSSLCAReq

genrsa -out dev_sharepoint_local.key 4096

SSL_OpenSSLDevGenRsa

req -new -key dev_sharepoint_local.key -out dev_sharepoint_local.csr

Country Name: (Enter 2 letter country code for your country).
State: (Enter your state)
Locality Name: (Enter your city)
Organizational Name: (Enter your company). I have added Development after company name, so that nobody actually thinks that this is real certificate.
Organizational Unit Name: (Enter your OU)
Common Name: dev.sharepoint.local
Email address: (Enter your email address)
Challenge password: (Enter proper password or leave empty)
Optional company name: (Leave empty)

SSL_OpenSSLDevReq

x509 -req -days 730 -in dev_sharepoint_local.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out dev_sharepoint_local.crt

SSL_OpenSSLx509

pkcs12 -export -out dev_sharepoint_local.p12 -inkey dev_sharepoint_local.key -in dev_sharepoint_local.crt -chain -CAfile ca.crt

SSL_OpenSSLPkcs12

Installing certificates

Before you can use certificates you need to install those to local machine.

Go to C:\Source\DevCertificate.

Install Root certificate

Select ca.crt file and select Install Certificate from context menu.

SSL_ExplorerCA

Select Current User and click next.

SSL_StoreLocationCA

Select Place all certificates in the following location and click Browse…

Select Trusted Root Certification Authorities and click OK.

Click Next

SSL_CertStoreCA

 

Click Yes to security warning.

SSL_SecurityWarningCA

Click OK to close final dialog.

Install development certificate

Select dev_sharepoint_local.crt file and select Install Certificate from context menu.

SSL_ExplorerDev

Select Automatically select the certificate store based on the type of the certificate.

Click Next

Click Finish

Click OK to close final dialog.

SSL_CertStoreDev

Now you have successfully created one root certificate and one certificate for development server.

One thought on “Setting up HTTPS certificates

Leave a Reply

Your email address will not be published. Required fields are marked *