Now that you have the certificate exported to a
file, you can import it to the Trusted Root Certification Authorities
store on the necessary machines. Perform these steps on an OWA server
and then repeat them on the SharePoint server:
1. Open the MMC by using the Search charm, typing mmc and pressing Enter. (You might still have the MMC open from the previous steps.)
2. Click File.
3. From the drop-down, click Add/Remove Snap-in. ...
4. Under Available snap-ins:, select Certificates, and then click Add.
5. From the pop-up window, select Computer account.
6. Click Next.
7. Accept the default of Local computer on the next screen and click Finish.
8. Back at the Add or Remove Snap-ins screen, click OK.
9. Expand Certificates (Local Computer).
10. Expand Trusted Root Certification Authorities.
11. Right-click on Certificates under Trusted Root Certification Authorities.
12. From the menu, select All Tasks > Import..., as shown in Figure 4.
13. From the Welcome screen click Next.
14. Click the Browse... button.
15. Navigate to the
OWA.pfx
file you saved in the previous steps. From the File type section, you
need to specify PFX files or all files. If you are now on the
SharePoint server, you probably need to copy the file to the SharePoint
server. Hopefully, in this age, you can do so without using sneakernet.
WHAT IS SNEAKERNET?
Darn kids these days. When writing this
chapter, I casually mentioned sneakernet and kept on going, but then I
realized there are probably just as many admins today who have no clue
what sneakernet is as those who do. So there is no confusion,
sneakernet is how people used to move things from one computer to
another. You popped in a floppy disk (hope you at least have an idea
what those are) and copied the file to the floppy. Then you ejected it
and walked it over to the other computer to copy it to that computer.
Since us IT folks like to wear casual shoes (aka sneakers) and that was
the way the file was flying across the room we adopted the name
sneakernet. It was very similar to the way your parents walked to
school in the snow, uphill both ways. Don’t you feel smarter now?
16. Back on the File to Import screen, click Next.
17. When prompted, enter the password. In this example, use pass@word1.
18. Leave all the other check boxes at the their default values and click Next.
19. At the Certificate Store screen, confirm that your defaults match Figure 5. You have to import into the Trusted Root Certification Authorities store or all this work was for naught.
20. Click Next.
21. At the Completing screen, click Finish.
22. Click OK at the Successful message.
23. Close the MMC console. At the pop-up asking if you want to save your settings, click No.
That does it; now the server trusts that
self-signed certificate. The easiest way to confirm you did all of this
correctly is in the section “Using the HTTPS Protocol;” when you are
asked to navigate to https://owa.contoso.com/hosting/discovery,
you should not receive any type of SSL error. Keep in mind that the URL
will not work until you go through those steps. If you do get an error,
come back and try these steps again. Remember to also confirm that the
URL works without certificate errors from the SharePoint server.
