Install a SSL certificat to your Sitecore site

Posted byoliviermichel1Posted inAdmin, Install, Powershell
Cet article en francais

I was installing locally Sitecore XP 9.2 for a new project and saw that only HTTP was installed out of the box by the Sitecore Install Assistant to access the new site. In this short article, I will explain how to create a new Self Signed Certificate on your server, and create a HTTPS binding to your local site.

Create a self-signed SSL certificate

Open a powershell console and execute thw following command. Replace “xc92sc.dev.local” by your own site URL, and “MyXC92Cert” by a name of your choice. 

New-SelfSignedCertificate -CertStoreLocation Cert:\LocalMachine\My -DnsName "xc92sc.dev.local" -FriendlyName "MyXC92Cert" -NotAfter (Get-Date).AddYears(5)

This will create a self-signed certificate for your site that is valid for 5 years.

Now you should copy this certificate to the Trusted Root Certification Authorities store.

Click on your Start button and type

certlm.msc

This will open the Certificates Microsoft Management Console.

In the left panel, open Certificates – Local Computer -> Personal -> Certificates and select your newly created certificate

Copy it in your clipboard (Ctrl+C). In the left panel, navigate to Certificates – Local Computer -> Trusted Root certification Authorities -> Certificates and paste (Ctrl + V) the certificate in the list on the right panel.

Add HTTPS binding

Open IIS, select your Sitecore site, and click on “Bindings…”.

Click on “Add…”. In the dialog “Add Site Binding”, change the Type to “https”, enter your host name and in the field “SSL certificate”, choose your newly created certificate.

Click OK, the new binding is now registered for your site.

Open a browser to surf to your site with https… Voilà !

Not so fast !!!

Sounds easy, right ?

But when I try to access the Sitecore admin with https, this is what happens…

This is because the Identity server is configured to accept only requests from the Url http://xc92sc.dev.local. We need to add the HTTPS Url to the identity server configuration.

This configuration is in the file {IDENTITYSERVER_ROOT}/Config/production/Sitecore.IdentityServer.Host.xml

Add your URL with https in Settings/sitecore/IdentityServer/Clients/DefaultClient/AllowedCorsOrigins/AllowedCorsOriginsGroup1, separated from the old value (http) with a pipe:

<DefaultClient>
  <AllowedCorsOrigins>
    <AllowedCorsOriginsGroup1>
      http://xc92sc.dev.local|https://xc92sc.dev.local
    </AllowedCorsOriginsGroup1>
  </AllowedCorsOrigins>
</DefaultClient>

Restart the identity server in IIS, and now you can surf to your Sitecore admin page with Https.

Voilà !

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

%d bloggers like this: