Monday, 11 August 2014

SharePoint 2013 SP1 and several CU’s later…

Yes… it’s been an extremely long time since my last blog post. More than a year and a half is gone after SP2013’s release and I have been working with it non-stop since the very first day, or even earlier as SharePoint Preview. Several customers and projects later I find myself again with some minutes to gather and write up my thoughts.

During all this time we have moved from the excitement of a new SharePoint version to the already anticipated full move to the cloud. Azure and Office365 are part of my daily life and it is like opening a box full of surprises when you see the list of enhancements being released constantly. Power BI, Azure Mobile Services, Visual Studio 2013 Update 3, Azure Express Route, Azure Redis Cache… you have the feeling you can expand in every possible direction and never reach the end of it. I suppose this was the kind of feeling some of the early discoverers and sailors had while going across oceans, without knowing if there was land at the end of it. One thing is clear, we share the same excitement of discovery.

This blog post is not going to add anything to the general technical wisdom you all have, but I thought I had to say this site is still alive to the more than 58.000 unique visitors since my last article was posted. I hope the content you were looking for was useful, even though it is more SP2010 full trust oriented and not the SharePoint / Office365 App world we are all in, just yet.

I hope to have time in the coming days, weeks and months to write some of the lessons learnt while I was “away” or just some things I already knew but I never had the time to write about. I have a document title blog ideas and it is 2 pages long! So, I will try to write things for me and make them publicly available to you. This was the initial intention of this blog… write things up for myself and let somebody else take advantage of it to build a bigger knowledge base.

Thanks again to all those 58K unique visitors, I owe you this post and a lot more!

Wednesday, 24 October 2012

SharePoint 2013 RTM available in MSDN and TechNet

So, once again, we have been fooled to believe the go-live would be later this year. Some other people thought Q1 2013... some others thought it would see the light at the SharePoint Conference 2012 in Las Vegas (we are just a few weeks away from the event)... but no!! It is available as of today with your MSDN subscription and I have it in my hard drive already!!! :)

So, I will be getting rid of my SP2013 Preview box and getting up with the real one soon... I will not be the first obviously, there are those professional bloggers out there just burning their HD's and fingers to be the first ones to write about the RTM version... good luck to everyone with the latest SharePoint version... we have a new baby in the family!!!

Sunday, 21 October 2012

Registering and trusting external SSL Certificates in SharePoint 2010

Why would I need to register and trust external SSL certificates in a SharePoint farm?
Well, most of the times you don’t have to unless you need to access an external website that is HTTPS SSL protected and you have not created the consuming service or WebPart yourself. You can by-pass the “not trusted certificate” issues from code, but what happens if you are using a WebPart that should just work and it doesn’t because of the not trusted certificate? Well, here are the errors and how to sort them out.

The Problem
One of the typical WebParts that you would target external sites with is the RSS Viewer WebPart. Imagine that you are working in a secured intranet, with multiple protected services and URLs. One of those HTTPS URLs is the RSS Feed and as soon as you set your RSS Viewer WebPart to query that URL you receive the following “descriptive” error:

The requested RSS could not be displayed. Please verify the settings and url for this feed. If this problem persists, please contact your administrator.

You try the URL in a browser and you can access it, but not from the RSS Viewer Webpart. So… it is one of those SharePoint issues and I should trust the Root Certificate in SharePoint to sort it. But the story is not complete.

The “almost” resolution
You can think that trusting the Root Certificate would sort the issue, but not completely. We need to get the root certificate as shown below and complete the operations with what I describe as The Catch! Anyway, we need to start with the Root Certificate as follows:

Export Root Certificate
Log onto the server running Central Administration
Open the site containing the RSS feed that SharePoint should display with Internet Explorer. These instructions pertain to IE8/9.
Display the site certificate details by clicking on the padlock and selecting View certificates
Follow the certification path to the root certificate by selecting the Certification Path tab and selecting the top certificate
Click View Certificate
Click the Details tab
Click Copy to File
This will start the Certificate Export Wizard. Click Next on the welcome screen
Click Next on the Export File Format screen
Enter a filename for the root CA and append .cer, for example, c:\certs\thawte.cer.
Click Next
Click Finish

Create Central Administration Trust
Launch Central Administration
Click Security
Within the General Security section, click Manage Trust
Click New
Enter a descriptive name for the trust. For example, “Thawte Trust”, “Verisign Trust”, etc.
For the Root Authority Certificate, click Browse and locate the exported certificate
Click OK to establish the trust relationship

You are done, you think, but you go and try your RSS Viewer WebPart and the error is still there. Then… I will make a debugging/troubleshooting story short… you find this error in the SharePoint Logs:

The root of the certificate chain is not a trusted root authority

The Catch!
So you scratch your head, you think you have trusted the root authority already, more than once if you allow me to say it :) but then you see that, between the site you are accessing and the root authority, there is another certificate, as shown in the example below:

So, if instead of just exporting the Root (VeriSign) in this example, I export the 3 of them and trust those 3 certificates in my SharePoint Farm, as described in the step by step above, I will be able to see my RSS Viewer WebPart up and running without any other major issue.

If you ever encounter an issue with certificates and trusting the root certificate provider doesn’t solve the issue, try to trust the complete certification path instead, with as many copies of certificates as levels you have in your certification path. This will sort out your issue.