Hi everyone, I have a 2-tier farm with 2 SharePoint 2013 Servers configured for high availability (both servers are SharePoint, Search, Workflow etc.)
with a hardware load balancer in front of them.
The configuration is as follow: I have one web application with one http site collection
HostA:
IIS Host header: http://siteA.contoso.local (Default zone)-> IP 10.1.1.1
extended with Alternate Access Mapping to
IIS Host header: https://siteB.contoso.com (Intranet zone)-> IP 10.1.1.1
Windows HOSTS file entries:
10.1.1.1 siteA.contoso.local
10.1.1.1 siteB.contoso.com
HostB:
IIS Host header: http://siteA.contoso.local (Default zone)-> IP 10.1.1.2
extended with Alternate Access Mapping to
IIS Host header: https://siteB.contoso.com (Intranet zone)-> IP 10.1.1.2
Windows HOSTS file entries:
10.1.1.2 siteA.contoso.local
10.1.1.2 siteB.contoso.com
Load Balancer VIP: 10.1.1.3 (for port 80 & 443).
Domain DNS Server Entries:
10.1.1.3 siteA.contoso.local
10.1.1.3 siteB.contoso.com
(those are the IPs that my clients use to connect to
https://siteB.contoso.com
So both zones are using the same Virtual IP with Host Headers configured on IIS.
My users are using the https://siteB.contoso.com zone only.
I 'm trying to configure Apps infrastructure.
So far I have managed to make Apps working on my http zone but I have problem to setup Apps for my https (AAM) zone.
I have configured DNS entries for my apps:
*.contosoapps.com -> points to VIP 10.1.1.3 (
https://siteB.contoso.com ).
Apps domain: app.contosoapps.com
Apps web application and top level site collection has been set up:
http://contosoapps.com&
https://contosoapps.com:444 (with NO HEADERS on IIS)
SSL certificate *.contosoapps.com have been issued and installed on IIS
Right now, Apps are working on my http zone, but i can't make them work on my https zone.
I 'm aware of March 2013 PU new New-SPWebApplicationAppDomain PowerShell commands and tried to apply them for my https zone:
$contentService = [Microsoft.SharePoint.Administration.SPWebService]::ContentService
$contentService.SupportMultipleAppDomains = $true
$contentService.Update()
Iisreset
New-SPWebApplicationAppDomain -AppDomain contosoapps.com -WebApplicationhttps://siteB.contoso.com -Zone intranet -Port 444 -SecureSocketsLayer
Get-SPHealthAnalysisRule WebApplicationAppDomainsConfigurationTest | Enable-SPHealthAnalysisRule
i'm getting error
"An error occurred during a connection to app-ed24a3aad7c2da.contosoapps.com.
SSL peer has no certificate for the requested DNS name. Error code: SSL_ERROR_UNRECOGNIZED_NAME_ALERT
What i'm missing here? Is my configuration above correct?
Thank you in advance!
