Hello,we have use the sharepoint with SSL. https://sp.comIf I add the new folder in document library and click into, the sharepoint going into http://intern we have Alternate Access Mappings Default Zone:http://internInternet Zone:https://sp.comIf I change default zone to https://sp.com I have a problem with "crawl" in search.What can I do???Thanks in advanceSebastian

Hi sebastian.mayer.67,i think you use off-load SSL with ISA or load balancer device so to solve your problem :Do the following steps for solving your problem:1- Make your public URL in default Zone with https://sp.combecause For SSL offload, the Alternate Access Mapping entries must have URLs defined as https://<FQDN>,regadring to the problem of search , i want to ask one question , did you create your web application with fully qualified Domain name (i.e. portal.domain.com). if so , you must disable this feature by the following steps :-you will do these steps on your servers:- To set the DisableLoopbackCheck registry key yourself, follow these steps: 1. Set the DisableStrictNameChecking registry entry to 1. For more information about how to do this, click the following article number to view the article in the Microsoft Knowledge Base: 281308 (http://support.microsoft.com/kb/281308/ ) Connecting to SMB share on a Windows 2000-based computer or a Windows Server 2003-based computer may not work with an alias name 2. Click Start, click Run, type regedit, and then click OK. 3. In Registry Editor, locate and then click the following registry key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa 4. Right-click Lsa, point to New, and then click DWORD Value. 5. Type DisableLoopbackCheck, and then press ENTER. 6. Right-click DisableLoopbackCheck, and then click Modify. 7. In the Value data box, type 1, and then click OK. 8. Quit Registry Editor, and then restart your computer. References:- http://support.microsoft.com/?kbid=896861plz, try and give us your feedback. . Best Regrads, Ahmed Madany

> we have use the sharepoint with SSL. https://sp.comIt is against all forum etiquette to post the same post to more than one forum as it wastes everyone's time to have parallel threads.I have deleted your identical post to the Dev/Programming forum where it is in any case off-topic.Please do not do this again.(Moderator)FAQ sites: (SP 2010) http://wssv4faq.mindsharp.com; (v3) http://wssv3faq.mindsharp.com and (WSS 2.0) http://wssv2faq.mindsharp.com Complete Book Lists (incl. foreign language) on each site.

> we have use the sharepoint with SSL. https://sp.comIt is against all forum etiquette to post the same post to more than one forum as it wastes everyone's time to have parallel threads.I have deleted your identical post to the Dev/Programming forum where it is in any case off-topic.Please do not do this again.(Moderator) FAQ sites: (SP 2010) http://wssv4faq.mindsharp.com; (v3) http://wssv3faq.mindsharp.com and (WSS 2.0) http://wssv2faq.mindsharp.com Complete Book Lists (incl. foreign language) on each site. ok

Hi sebastian.mayer.67,i think you use off-load SSL with ISA or load balancer device so to solve your problem :Do the following steps for solving your problem:1- Make your public URL in default Zone with because For SSL offload, the Alternate Access Mapping entries must have URLs defined as https://<FQDN>,regadring to the problem of search , i want to ask one question , did you create your web application with fully qualified Domain name (i.e. portal.domain.com). if so , you must disable this feature by the following steps :-you will do these steps on your servers:- To set the DisableLoopbackCheck registry key yourself, follow these steps: 1. Set the DisableStrictNameChecking registry entry to 1. For more information about how to do this, click the following article number to view the article in the Microsoft Knowledge Base: 281308 (http://support.microsoft.com/kb/281308/ ) Connecting to SMB share on a Windows 2000-based computer or a Windows Server 2003-based computer may not work with an alias name 2. Click Start, click Run, type regedit, and then click OK. 3. In Registry Editor, locate and then click the following registry key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa 4. Right-click Lsa, point to New, and then click DWORD Value. 5. Type DisableLoopbackCheck, and then press ENTER. 6. Right-click DisableLoopbackCheck, and then click Modify. 7. In the Value data box, type 1, and then click OK. 8. Quit Registry Editor, and then restart your computer. References:- http://support.microsoft.com/?kbid=896861plz, try and give us your feedback. . https://sp.com Best Regrads, Ahmed Madany thanks, but it's not working

Hi sebastian.mayer.67,did you adjust AAM? did you use SSL-offload with ISA as i told? if you are using SSL-Offload with ISA , you must make url comes from ISA as internal url for https, so your alternate access mapping will be as the following:- say url comes from ISA is (http://sharepoint) then https://sp.com internet https://sp.com(http://sharepoint) internet https://sp.comi advise you read the following KB about Alternate Access Mapping :-http://technet.microsoft.com/en-us/library/cc261814.aspxBest Regrads, Ahmed Madany

Hi Sebastion,1. You should always extend your WebApp for the Internet or in your case it should be Extranet to the outside world in this case with the host header https://sp.com on port 443. A reason (not the only one) for extending the WebApp is so that you can continue using NTLM internally and change the Extended IIS WebSite to use basic with SSL.. NTLM is HASH'd and will not work if its encrypted... and you shouldnt run both on a single IIS WebSite2. If you change the Default URL for the zone to HTTPS, perform a full reset and full crawl and you will be able to perform your searches.3. Disabling LoopBack processing is the least desirable and is not considered a best practice... Method 2 http://support.microsoft.com/?kbid=896861 using BackConnectionHostName allows you to eneter the hostsnames that will be used on the server but not disable LoopBackProcessing altogether.4. If you have an internal URL as Http://sp.com and an external url as https://sp.com the results will not be returned. This issue occurs if both HTTP and HTTPS are used for the same host header site. You cannot have the same site collection exposed over HTTP and HTTPS, and then perform a search to return results over both protocols. If you want the host-named site collection to be searchable over HTTP, put the host-named collection in the HTTP Web application. If you want the host-named site collection to be searchable over HTTPS, put the host-named site collection in the HTTPS Web applicationFor using ISA refere to article http://technet.microsoft.com/en-us/library/cc268368.aspx and is using ISA besure to read and uderstand the differences between the following HTTPS-to-HTTPS bridging HTTPS-to-HTTPS bridging protects against attacks that are hidden in SSL-encrypted connections. For SSL-enabled Web applications, after receiving the client's request, ISA Server 2006 decrypts it, inspects it, and terminates the SSL connection with the client computer. The Web publishing rules determine how ISA Server communicates the request for the object to the publishing Web server. If the secure Web publishing rule is configured to forward the request using Secure HTTP (HTTPS), ISA Server initiates a new SSL connection with the published server. Because the ISA Server computer is now an SSL client, it requires that the publishing Web server responds with a server-side certificate. HTTPS-to-HTTP bridging (SSL Termination) HTTPS-to-HTTP bridging (SSL Termination) protects against attacks that are hidden in SSL-encrypted connections. For HTTP-enabled Web applications, after receiving the client's request, ISA Server 2006 decrypts it, inspects it, and terminates the SSL connection with the client computer. The Web publishing rules determine how ISA Server communicates the request for the object to the publishing Web server. If the secure Web publishing rule is configured to forward the request using HTTP (unencrypted), ISA Server initiates a regular HTTP connection with the published server. Because the connection between the ISA Server computer and the published Web server is over HTTP, the SSL processing load is removed from the published Web server. HTTPS-to-HTTP bridging can increase the performance of your published Web serversReferencehttp://support.microsoft.com/kb/927919http://support.microsoft.com/?kbid=896861http://technet.microsoft.com/en-us/library/cc268368.aspx-Ivan Ivan Sanders My LinkedIn Profile, My Blog, @iasanders.

Hello,thanks for your help, I have got the solution.I have a problem with a crawl, this is solution helped me and with librarys problem.>>Thank you Ahmed, this is was a solution for me.>>>>advise you read the following KB about Alternate Access Mapping, also describe an example With ISA>>>>http://technet.microsoft.com/en-us/library/cc261814.aspxIt's working now with following configuration.int zone publhttp://sp default http://sp https://sp.com internet https://sp.com http://sp.com internet https://sp.com Sebastian