How to use SSL Wildcard Certificate in SSRS 2016

Eigh 1 Reputation point
2020-08-18T01:18:30.25+00:00

I am trying to use an SSL wildcard certificate in SSRS but so far I have no luck. I am able to access http://ServerName:80/ReportServer but not https://myReports.mycompany.com/ReportServer. The error I am getting is that the page cannot be displayed. Do I need to add a forward lookup zone in the dns? I am not sure what I am missing here. Appreciate the help!

Below are the steps that I have taken:

  1. Import .pfx wildcard certificate to personal certificate folder (Wildcard certificate has SANs (Subject Alternative Name) functionality: *.mycompany.com)
  2. In Reporting Services Configuration Manager -> Web Service URL : used the imported certificate as the https certificate (https port 443) 2.1. Report Server Web Service URLs Generated is below: http://ServerName:80/ReportServer https://+:443/ReportServer
  3. Stopped the report server service
  4. Deleted the https url reservation generated after binding the certificate : https://+:443/ReportServer/ 4.1 Command used: netsh http delete urlacl url=https://+:443/ReportServer/
  5. Add a new url reservation to match the certificate : https://myReports.mycompany.com:443/ReportServer/ 5.1 Command used: netsh http add urlacl url=https://myReports.mycompany.com:443/ReportServer/ user="NT SERVICE\ReportServer" listen=yes delegate=no sddl= (Same sddl of the previous url that i have deleted)
  6. Edit Reporting Services Configuration where my path is C:\Program Files\Microsoft SQL Server\MSRS13.MSSQLSERVER\Reporting Services\ReportServer\rsreportserver.xml 6.1 Have changed the <Add Key="SecureConnectionLevel" Value="0"> to <Add Key="SecureConnectionLevel" Value="3"> 6.2 My <UrlRoot> is blank, so I have added <UrlRoot>https://myReports.mycompany.com/ReportServer</UrlRoot> -- Start the Report Server Service
  7. Modified Windows Registry keys 7.1 Under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa -> add a new DWORD called DisableLoopBackCheck and value is set to 1 7.2 Under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy -> make sure that the "Enabled" DWORD value is set to 0

Reference: https://greigmitchell.co.uk/2016/08/enable-ssl-on-sql-server-reporting-services-with-a-wildcard-certificate/

Thanks, Aaron

SQL Server Reporting Services
SQL Server Reporting Services
A SQL Server technology that supports the creation, management, and delivery of both traditional, paper-oriented reports and interactive, web-based reports.
2,807 questions

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Joyzhao-MSFT 15,566 Reputation points
    2020-08-18T06:45:51.133+00:00

    Hi,
    I'm not sure if it is the cause of Create Certificate Binding error. You may need the following to configure SSL on SQL Server Reporting Services.
    1.Make sure the Wildcard Certificate contains the private key.
    2.Make sure the URL is correct in rsreportserver.config file. The value should be the fully qualified path to your report server, with a hostname that is valid for your certificate.
    3.Ensure the CA certificate has been installed in the trusted root for the local computer.
    You can refer to Configure SSRS with an SSL Certificate.

    If The certificate doesn't contains the private key, please export the certificate with private keys on the machine where generated the initial CSR in IIS. Here is link.
    Hope this help.
    Regards,
    Joy