How to Establish SharePoint Root Certificate Trust for Commerce Foundation Services Secured Using SSL
In a three-tier Microsoft SharePoint 2010 commerce deployment, it is recommended to use secure transport mode (SSL) for communications with the Commerce Foundation on the application tier. Part of this configuration requires adding an SSL certificate to the HTTPS binding for the Web site hosting the Commerce Foundation service. This is the case, for example, when you configure secure communications between a SharePoint 2010 commerce application and a Commerce Foundation endpoint (How to Configure SSL between a Commerce Application and a Commerce Foundation Endpoint.)
Perform the following steps to export the Commerce Foundation root certificate into the SharePoint 2010 trusted root authority list using Microsoft Windows PowerShell. Copy the SSL certificate used to secure the Commerce Foundation operation service. The certificate must not contain a private key. When you export the certificate, specify the option "No, do not export the private key". Use DER encoded binary X.50 (.CER) format.
Note
This procedure assumes that you will copy the certificate at the root of the presentation tier machine. This procedure uses the certificate file name CsAppTier.cer.
On the presentation tier machine, open a SharePoint 2010 Management Shell.
In the shell, perform the following command: cd c:\
Copy the certificate to a variable: $cert = Get-PfxCertificate .\CsAppTier.cer
Submit the certificate to SharePoint 2010 : New-SPTrustedRootAuthority -Certificate $cert -Name CsAppTier
See Also
Other Resources
Considerations for Securing Commerce Communication Channels Using SSL