Create and configure Web Application Firewall (WAF) in Oracle Cloud (OCI) for Public site

Create and configure Web Application Firewall (WAF) in Oracle Cloud (OCI) for  Public sites

1.      1.Login to OCI with administrator credential 

1.      2.Click Web Application Firewall by navigating “Identity & Security” in the OCI Admin portal

1.      3.Click create new WAF policy in the Web application Firewall page

1.      4.In the “Create WAF policy “page, Click “Use legacy workflow here if you need to secure your non-OCI web applications”

1.      5.In the “Create Edge Policy” provide the below details and  then click Create Edge Policy

Name:  name of the WAF Edge Policy

WAF Policy Compartment:  Select your Compartment

Primary Domain: provide your public domain FQDN

Origin Name: Name of your Source

Origin URI: Source of your application public FQDN. Ex: SharePoint public URL, Load balancer URL, API Gateway URL, API Application, IIS site URL etc.

6. Enable HTTPS in WAF by Importing Public Certificate

Convert your public certificate, Private Key and intermediate key in PEM format before enabling HTTPS in WAF.

  6a.Click Edit in the General Settings in WAF to Enable HTTPS and to import certificate

6b. In the Edit Settings page, Select “Enable HTTPS Support” 

6c.In the Edit setting page, choose “Upload or paste certificate and private key” under certificate Source

6d.Choose Text as “upload certificate Source” and “Upload private key Source”. In the certificate text editor section, paste your certificate content and intermediate certificate content one by one and paste your private key content in the private key text editor section from your PEM format files.

6e. Save your changes and publish the WAF.

7. Create the CNAME record as per in the WAF in your public domain control panel.

Create HTTPS(SSL) web application and Site collection in SharePoint 2019/2016/2013/2010

 Create HTTPS(SSL) web application and Site collection in SharePoint 2019/2016/2013/2010

1. Open Central admin site -> Application Management-> Web Applications-> Create new Web application.

2. Change from 80 to 443 in the PORT and provide FQDN in the Host Header      

3. In the Security Configuration section, Select “Yes” in the “Use Security Socket Layer”

4. Complete all the other required fields and keep rest of sections as default then click OK Create the web application.

5. Create the Site collection once the web application has been created

6. Associate(Bind) the public certificate SSL or Self signed certificate in the created web site in IIS before the browse the created new site.

Associating (Binding) certificate SSL in one web site, changing certificate on other site (SharePoint 2010/2013/2016/2019)

 Associating (Binding) certificate SSL in one web site, changing certificate on other site (SharePoint 2010/2013/2016/2019)

I have imported two explicit public certificates in the IIS on SharePoint Servers and configured AAM for HTTPS URL in the SharePoint Central Admin site.

When I associate the certificate in one site in IIS Binding, the existing associated certificate of other site getting changed automatically.

The issue has been resolved after I enabled “Require Server Name Indication” in one of the web application site in IIS.

Redirect HTTP to HTTPS using AAM in SharePoint 2019/2016/2013

Redirect HTTP to HTTPS using AAM in SharePoint 2019/2016/2013

1.      1.Set HTTPS URL as default under AAM in SharePoint and add Appropriate SSL in the Binding in IIS.      

1.      2.Click “Add internal URLs” and add your HTTP URL to the default Zone.                                                        

1.      3.Now the AAM should be looks like below                                                                                                  

1.      4. Click and add Binding and provide your hostname in IIS and do the IISRESET