在 SharePoint Server 中安裝工作流程管理員憑證Install Workflow Manager certificates in SharePoint Server

* * 摘要: * * 了解如何設定工作流程管理員與 SharePoint Server 間加密通訊的 SSL 憑證。**Summary: ** Learn how to configure SSL certificates for encrypted communication between Workflow Manager and SharePoint Server.

安全通訊端層 (SSL) 是它會使用加密憑證加密的通訊協定。工作流程管理員與 SharePoint Server 可在使用 SSL 安全莊園通訊。本文說明安裝和設定 SSL 憑證所需的步驟。Secure Socket Layer (SSL) is an encrypted communication protocol which uses encryption certificates. Workflow Manager and SharePoint Server can communicate in a secure manor using SSL. This article describes the steps required to setup and configure SSL certificates.

設定步驟Configuration steps

下列各節提供的設定工作流程管理員與 SharePoint Server SSL 通訊的指示。The following sections provide instructions for configuring SSL communication with Workflow Manager and SharePoint Server.

啟用 SSLEnable SSL

啟用 IIS 管理員的安全通訊端層 (SSL)。如需完成設定的相關指引,請前往下列網站:Enable Secure Sockets Layer (SSL) in IIS Manager. For guidance on completing the configuration, see the following:

在 SharePoint 中安裝工作流程管理員憑證Install Workflow Manager certificates in SharePoint

在某些情況下,您必須取得及 SharePoint 伺服器上安裝工作流程管理員"簽發者 」 憑證。以下是情況其中您必須安裝工作流程管理員憑證:Under some circumstances, you must obtain and install Workflow Manager "issuer" certificates on SharePoint Server. Here are the circumstances where you must install Workflow Manager certificates:

  1. 如果在 SharePoint Server (這不是預設值) 或在工作流程管理員 (這是預設值),已啟用 SSL ANDIf SSL is enabled either on SharePoint Server (which is not the default) or on Workflow Manager (which is the default), AND

  2. SharePoint Server 與工作流程管理員不共用憑證授權單位,如果 ANDIf SharePoint Server and Workflow Manager do not share a Certificate Authority, AND

  3. 如果工作流程管理員設定為可產生自行簽署的憑證 (這是預設值)。If Workflow Manager is configured to generate self-signed certificates (which is the default).

注意

產品試用版、 工作流程開發及疑難排解較為如果未啟用 SSL。不過,SharePoint Server 與工作流程管理員之間的通訊並未加密如果未啟用 SSL。基於此 SSL 應啟用的實際執行的設定。Product trial, workflow development, and troubleshooting are easier if SSL is not enabled. However, communication between SharePoint Server and Workflow Manager is not encrypted if SSL is not enabled. For this reason, SSL should be enabled for production configurations.

取得並從工作流程管理員伺服器匯出憑證To obtain and export certificates from the Workflow Manager server

  1. 在已安裝的工作流程管理員的電腦,選擇 [ IIS 管理員] 中,網站工作流程管理網站] 上按一下滑鼠右鍵,然後選擇 [編輯繫結On a computer that has Workflow Manager installed, choose IIS Manager, Sites. Right-click Workflow Management Site, and then choose Edit Bindings.

  2. 選擇https連接埠],然後選擇 [編輯。在 [ SSL 憑證] 區段中選擇 [檢視] 按鈕。Choose the https port, and then choose Edit. Choose the View button in the SSL Certificate section.

  3. 若要匯出簽發者憑證,請按照下列步驟:To export the issuer certificate, do the following:

  4. 在 [憑證] 視窗中,選擇 [憑證路徑] 索引標籤。In the Certificate window, choose the Certification path tab.

  5. 選取 [根憑證路徑,並選擇 [檢視]Select root certification path and choose View.

  6. 在 [詳細資料] 索引標籤上選擇 [匯出憑證,並接受匯出精靈] 的預設選項。On the Details tab, choose Export Certificate, and take the default options in the export wizard.

  7. 為匯出的憑證檔取一個好記的名稱。Give the exported certificate file a friendly name.

    在 SharePoint 伺服器上安裝憑證To install certificates on SharePoint Server

  8. 將簽發者憑證複製到您的 SharePoint Server 電腦。Copy the issuer certificate to your SharePoint Server computer.

  9. 將憑證加入 Windows Certificate 存放區。Add the certificates to the Windows Certificate store.

  10. 請針對每個憑證執行下列步驟:For each certificate, do the following:

  11. 在檔案上按兩下以開啟並檢視憑證。Double-click the file to open and view the certificate.

  12. 在憑證上選擇 [安裝憑證] 按鈕以啟動 [安裝精靈]。On the certificate, choose the Install Certificate button to start the installation wizard.

  13. 在精靈中,選擇將以下的存放區中的所有憑證都放,,然後選擇 [信任的根憑證授權單位In the wizard, choose Place all certificates in the following store, and then choose Trusted Root Certification Authorities.

  14. 新增至 SharePoint Server 的憑證使用移至 [SharePoint 管理命令介面執行New-sptrustedrootauthority cmdlet。每個憑證檔案執行這項作業。Add the certificates to SharePoint Server by going to the SharePoint Management shell and running the New-SPTrustedRootAuthority cmdlet. Do this for each certificate file.