I want to throw my portal to internet thru ssl channel. What is the right way to do it ? At this point i have: internet address - portal.company.com; newly created external iis web site connected my portal web application, it is second to my primary intranet website i had linked internal IP and port to internet IP on 80 port, so everything that hits portal.company.com: comes into my newly created IIS Site So no SSL yet, because it doesnt work even without it ) Problem is in authorization. I pass login\password but then it results in error. Why? What auth type should i choose for non-ssl connection and ssl connection ?

I would have created a basic http SharePoint web applications and made sure everything working properly. Then extend that web application out to the internet and specific SSL. Then go an add the certificate in IIS. If you don't add a certificate then you might have problems with authentication. You might have to apply a self signed certificate. http://technet.microsoft.com/en-us/library/cc287954(office.12).aspx#Section2 -tom daly

I would have created a basic http SharePoint web applications and made sure everything working properly. Then extend that web application out to the internet and specific SSL. Then go an add the certificate in IIS. If you don't add a certificate then you might have problems with authentication. You might have to apply a self signed certificate. http://technet.microsoft.com/en-us/library/cc287954(office.12).aspx#Section2 -tom daly

Thank you. We have problem with authorization even with web application with non-ssl iis site. What should be this outer-site be like? For example: I made mylocalsite:88. Administrator forwarded it in TMG to myinternetsite.company.com:80 Then i go into url associatiions and add myinternetsite.company.com to Internet zone. All auth setting are by default. When i try to access it from internet it requires login/pswrd, i enter em and it asks again. And so forever. Why is that happening? I`m on my way to try ssl.

Thank you. We have problem with authorization even with web application with non-ssl iis site. What should be this outer-site be like? For example: I made mylocalsite:88. Administrator forwarded it in TMG to myinternetsite.company.com:80 Then i go into url associatiions and add myinternetsite.company.com to Internet zone. All auth setting are by default. When i try to access it from internet it requires login/pswrd, i enter em and it asks again. And so forever. Why is that happening? I`m on my way to try ssl.

Are you performing everything from Central Administration? only thing you have to do in IIS is set the SSL Cert. Please read the link i posted. So you're first step is getting a web application up and running with a site collection. Make sure you can access this before going on any further. Doesn't matter if you use ports or host header, make sure its NOT SSL ( which is default ) . Next in central admin is to extend out the web application to the 'Internet' zone. Here you can specify your site host header, port 80, and enable SSL. Then you have to provide a cert, whether its a purchased or self signed. Do this in IIS. So now you have two SharePoint zones accessesible from 2 different urls. Both using NTLM authentication one is secured via SSL and the other in not. here is an article i just ran across that may help. http://faraz-khan.blogspot.com/2007/07/right-way-to-enable-ssl-on-moss-web.html -tom daly

Are you performing everything from Central Administration? only thing you have to do in IIS is set the SSL Cert. Please read the link i posted. So you're first step is getting a web application up and running with a site collection. Make sure you can access this before going on any further. Doesn't matter if you use ports or host header, make sure its NOT SSL ( which is default ) . Next in central admin is to extend out the web application to the 'Internet' zone. Here you can specify your site host header, port 80, and enable SSL. Then you have to provide a cert, whether its a purchased or self signed. Do this in IIS. So now you have two SharePoint zones accessesible from 2 different urls. Both using NTLM authentication one is secured via SSL and the other in not. here is an article i just ran across that may help. http://faraz-khan.blogspot.com/2007/07/right-way-to-enable-ssl-on-moss-web.html -tom daly

Are you performing everything from Central Administration? only thing you have to do in IIS is set the SSL Cert. Please read the link i posted. So you're first step is getting a web application up and running with a site collection. Make sure you can access this before going on any further. Doesn't matter if you use ports or host header, make sure its NOT SSL ( which is default ) . Next in central admin is to extend out the web application to the 'Internet' zone. Here you can specify your site host header, port 80, and enable SSL. Then you have to provide a cert, whether its a purchased or self signed. Do this in IIS. So now you have two SharePoint zones accessesible from 2 different urls. Both using NTLM authentication one is secured via SSL and the other in not.-tom daly

Are you performing everything from Central Administration? only thing you have to do in IIS is set the SSL Cert. Please read the link i posted. So you're first step is getting a web application up and running with a site collection. Make sure you can access this before going on any further. Doesn't matter if you use ports or host header, make sure its NOT SSL ( which is default ) . Next in central admin is to extend out the web application to the 'Internet' zone. Here you can specify your site host header, port 80, and enable SSL. Then you have to provide a cert, whether its a purchased or self signed. Do this in IIS. So now you have two SharePoint zones accessesible from 2 different urls. Both using NTLM authentication one is secured via SSL and the other in not.-tom daly