SSL Bridging (HTTPS to HTTPS)

Archived content. No warranty is made as to technical accuracy. Content may contain URLs that were valid when originally published, but now link to sites or pages that no longer exist.

In some secure sockets layer (SSL) termination configurations, a proxy server or firewall processes an HTTPS request for the client and then forwards the request to a Web server by using HTTP. This configuration ends the SSL connection between the client and the Web server at the reverse proxy server, as required by many reverse proxy servers.

However, because Windows SharePoint Services uses absolute URLs, the URL from the client and the URL sent to the server must match. To keep the URL sent from the client to the reverse proxy server the same as the URL sent from the reverse proxy server to the Web server, a new SSL connection is established between the reverse proxy server and the Web server. This is the SSL bridging (HTTPS to HTTPS) configuration.

The following illustration shows an SSL bridging (HTTPS to HTTPS) configuration:

Cc750512.ZA011914971033(en-us,TechNet.10).gif

Figure3. Secure Sockets Layer (SSL) bridging

For information about setting up SSL bridging with ISA Server, see the sections Configuring SSL bridging (HTTPS to HTTPS) with ISA Server 2000 or Configuring SSL bridging (HTTPS to HTTPS) with ISA Server 2004 later in this article.

The following sections describe how to configure host-header forwarding and SSL bridging (HTTPS to HTTPS) with ISA Server 2000 and 2004. If you are using a different proxy server, you should refer to that servers documentation for implementation details.