My client's SP2013 farm currently uses path based site collections, however due to new requirements I'm expanding the farm by use of host-named site collections. I've set it all up in my development environment, however unfortunately the dev environment doesn't have off-box SSL termination (an expensive load-balancer wasn't justifiable for dev), so I'd like to just confirm whether my approach will work with off-box SSL termination
- Create a new web application with the -SecureSocketsLayer switch (the current web applications don't have this, so I can't use them)
$webApp = New-SPWebApplication -Name $webAppName -port 443 -ApplicationPool $webAppPool -ApplicationPoolAccount (Get-SPManagedAccount $iisAccount) -AuthenticationProvider (New-SPAuthenticationProvider –UseWindowsIntegratedAuthentication) -SecureSocketsLayer
- Then create a content database for it of course.
New-SPContentDatabase -Name $contentDbName -WebApplication $webAppName
- Create the host-named site collections in the new web application with HTTPS URLs
$spSite = New-SPSite -Url $httpsUrl -OwnerAlias $owner1 -SecondaryOwnerAlias $owner2 -ContentDatabase $contentDbName -HostHeaderWebApplication $webAppName -Name $name -Template $template
The main question I have is this: This creates an IIS site which uses SSL. In dev, I slapped a self-signed certificate on it in IIS and moved onward. In production however, the IIS site must be non-SSL as we have off-box termination. How will this function if the HNSCs in the web app are HTTPS? Do I just change the bindings on the IIS site to non-SSL port 80 and job done?
Thanks!
sysadmin