ksm

Reputation: 401

tfs 2010, visual studio 2010 & HTTPS using self signed certificate

We've been configuring a full-blown TFS 2010 setup for one site. One of the requirements is to have the TFS app-tier configured on HTTPS (port 443). At the same time we're using self-signed certificates... We are able to successfully apply the license and bind the TFS web app to port 443, but because it is a self-signed certificate our Visual Studio clients immediately reject the connection to the app tier.

We do not immediately have the liberty to get a signed certificate. Can anyone help me get Visual Studio 2010 to accept the self-signed certificate, please?

any pointers in this direction will be helpful.

thanks in advance.

-ksm

Upvotes: 2

Views: 3916

Answers (2)

ksm

Reputation: 401

ok, so finally after a lot of digging around & playing with the configuration i've got this working like this:

server (host.name1 is a member of domain xxx.yyy)

  • install the self-signed certificate on IIS (self-signed certificate was issued for host.name1)
  • bind the tfs app-tier to port 443

client (client1 is member of domain xxx.yyy)

  • using 'certmgr.exe' install the self-signed certificate on this machine as a trusted certificate
  • in vs2010 use the FQDN (fully qualified domain name) of the tfs server to add it to the list; that is, use host.name1.xxx.yyy & choose https as the protocol. this should do it

client (client2 is not a member of domain xxx.yyy; is behind a firewall & host.name1 is NATed to IP 1.2.3.4)

  • install the self-signed certificate as trusted source using 'certmgr.exe'

  • note that the FQDN host.name1.xxx.yyy will not resolve & merely using the IP 1.2.3.4 to connect to tfs will also not work in vs2010

  • to circumvent this add an entry in the 'hosts' file of the client

    1.2.3.4 host.name1.xxx.yyy

you should now be able to ping using the hostname if the NATing was done properly

  • now add the tfs in vs2010 using 'host.name1.xxx.yyy' and https protocol.

this should do the trick, worked for me :)

cheers!

Upvotes: 1

Adam Rofer

Reputation: 6521

Relevant items snipped from the Microsoft response to the MSDN post that you made that's identical (here):

In a situation where you are using a self-signed cert you will need to install the certificate into the Trusted Root Certification Authorities store (certmgr.msc).

The Certificate Manager tool (Certmgr.exe) manages certificates, certificate trust lists (CTLs), and certificate revocation lists (CRLs).

In addition, there is an article that may help for this issue: http://blogs.technet.com/b/sbs/archive/2007/04/10/installing-a-self-signed-certificate-as-a-trusted-root-ca-in-windows-vista.aspx

Upvotes: 2
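The client-side steps from both answers (trust the self-signed certificate, then connect by the FQDN) can be scripted with .NET classes that are available from PowerShell 2.0. This is an added example, not code from either answer; the `.cer` path and the expected thumbprint are placeholders, and the script assumes the thumbprint was read directly on the TFS server and passed to the client separately from the file.

```powershell
# Added example: run from an elevated prompt (LocalMachine\Root needs admin rights).
param(
    [string]$CerPath  = 'C:\temp\tfs-selfsigned.cer',      # assumed export location
    [string]$Fqdn     = 'host.name1.xxx.yyy',              # server name used in the answer
    [string]$Expected = '<THUMBPRINT-READ-ON-THE-SERVER>'  # placeholder, obtained out of band
)

$x509 = 'System.Security.Cryptography.X509Certificates'
$cert = New-Object "$x509.X509Certificate2" $CerPath

# 1. Trust only the exact certificate the server administrator exported.
$want = ($Expected -replace '\s', '').ToUpper()
if ($cert.Thumbprint -ne $want) {
    throw "Thumbprint mismatch: file has $($cert.Thumbprint), expected $want"
}

# 2. List the names the certificate carries and compare them with the name
#    that will be typed into Visual Studio.
$nameType = [System.Security.Cryptography.X509Certificates.X509NameType]
$names = @(
    $cert.GetNameInfo($nameType::SimpleName, $false),
    $cert.GetNameInfo($nameType::DnsName, $false)
) | Where-Object { $_ } | Select-Object -Unique
if ($names -notcontains $Fqdn) {
    Write-Warning "Certificate names ($($names -join ', ')) do not include $Fqdn"
}

# 3. Confirm the FQDN resolves on this client (DNS or the hosts file entry).
try {
    $addrs = [System.Net.Dns]::GetHostAddresses($Fqdn)
    Write-Host "$Fqdn resolves to $($addrs -join ', ')"
} catch {
    Write-Warning "$Fqdn does not resolve; add it to the hosts file first"
}

# 4. Add the certificate to Trusted Root Certification Authorities (machine-wide).
$store = New-Object "$x509.X509Store" 'Root', 'LocalMachine'
$store.Open('ReadWrite')
try {
    $store.Add($cert)
    Write-Host "Installed $($cert.Subject) [$($cert.Thumbprint)] into LocalMachine\Root"
} finally {
    $store.Close()
}
```

Once a CA-issued certificate replaces the self-signed one, remove this entry from the Root store, since the client trusts anything signed with that key while it remains there.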
