When you upgrade you web site to SSL in SharePoint, you may need to consider re-configuring your search service to ensure it works well with the new URL with https. This article records the steps I did with the search service configuration.

Assumptions:

  • I have setup SSL for all SharePoint sites, including my site, so they are accessible from https://spsite/ and https://mysite/
  • Public URLs of http request will be redirected to https, e.g. http://spsite/ will be redirected to https://spsite/, http://mysite/ will be redirected to https://mysite/
  • Internal URLs (normally they are http://servername:port/) are NOT redirected to https. in my case, http://severname:8080/ is an alternative URL of https://spsite/, http://severname:8081/ is an alternative URL of https://mysite/
  • Search service is crawling default URLs, in my case, http://spsite/ and sps3://mysite/ (for people search), as search content source.

System Info:

I’m on SharePoint 2013 with Cumulative update till May 2015.

Requirements:

I found the search service no longer worked with the public http URLs as they were not directly accessible anymore, they were redirected to https.

I needed to update search crawling result to show https://spsite/ and https://mysite/, rather than showing http://spsite/ and http://mysite/.

Solutions:

UPDATE on 16/08/2016
Based on the comment from Alex, my solution might not be the best practice.
Part 2 is probably not needed. In Part 1 , try to use sps3s protocol instead of sps3 to crawl default My Site URL for indexing user profiles.
However, as we are using SharePoint Online (Delve) hybird mode to manage user profiles now, so we don’t need to configure My Site crawling any more, as a result, I cannot test it out, please let me know if it works for you.

There are two parts to fix that and achieve my requirements.

Part 1: Update search content source using https instead (does not work with my site)

Before changing search content source to crawl https I needed to update alternative URLs order, make https as the Default URL.

Note:
Crawling non-default URL is strongly not recommended, see explanation at
http://blogs.msdn.com/b/sharepoint_strategery/archive/2013/02/20/beware-crawling-the-non-default-zone-for-a-sharepoint-2013-web-application.aspx

In my case, I also found the search in list/library was broken if the search service was crawling a non-default URL.

Once https is the default URL, I changed SharePoint search content source to crawl https URLs.

However it does not work with http://mysite or https://mysite, because I always need use sps3://mysiteURL to crawl my site based on the instruction from Microsoft.

Part 2: Use ‘Server name mapping’ (Suitable for mysite)

  1. Update ‘SharePoint search content source’ URLs to use ‘servername + port’
    Because the public URL of mysite – http://mysite/ was redirected to https, so we needed to use ‘internal URLs’ for ‘search content’, in my case, I use sps://servername:8081/.
  2. Add server name mapping records in search service from http://servername:8081/ to https://mysite/
  3. Run full crawling for the above search content source. After the full crawling, I was able to see the search result showing https://mysite/ in your search centre.

Note:
As servername + port URL was not redirected, so I could have chose to put the servername + port URL as default URL for http://spsite/ as well, then crawl it as content source. When users access https://spsite/, the search result will be automatically set with URL https://spsite/, this is the good behaviour we get via crawling default URL in search service content source.

Recommendation:

  • For SharePoint ‘content sites’, redirect all http requests to https (including internal URLs), update search service to crawl https instead. (i.e. Part 1)
  • For SharePoint ‘my site’, because crawling https directly is not supported, I had to use ‘Server name mapping’ option (i.e. Part 2). Just make sure you do redirect ‘public http URL’ to https, only use ‘servername + port’ for my site search content source crawling…this is not ideal, but that is the best we can do for now.
Categories: SharePoint

4 Comments

Alex Burdin · April 19, 2016 at 6:15 pm

1) Do not use “server name mappings” (explained in the same “crawling non-default url” article.

2) Do not confuse people with MySites crawling: if you want to crawl mysites web application content – use https, if you want to crawl profiles – use sps3s protocol instead of sps3 (notice ‘s’ at the end).

    William Yin · August 16, 2017 at 5:56 am

    Thanks for your comment, this blog was only written for recording the steps I configured the search service for our SharePoint environment, which might not be the best practice suitable for everyone’s SharePoint farm.
    Using sps3s protocol sounds like a better solution worth to try, so I’ve added an “update quote” section to include your feedback to avoid misleading people, however, due to the lack of environment (we are using SharePoint online Delve now), I cannot try it out, will leave it to the future readers to test it.

Abdul Ibrahim · December 14, 2017 at 2:25 am

My SP site is CAC enabled, meaning you can only authenticate to the site using a client certificate (CAC card). SP site is https:// … only. setting up search crawl rule, indicated the path as Https:// —,
specified to use a client certificate. In content sources the starting url is also https://. Crawl fails with this message (cannot find or access the client certificate specified for crawling this site). Not sure what to do next.

Leave a Reply

Your email address will not be published. Required fields are marked *