You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/reporting-services/security/configure-ssl-connections-on-a-native-mode-report-server.md
+3-3Lines changed: 3 additions & 3 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -33,7 +33,7 @@ ms.author: maggies
33
33
34
34
- If IIS is installed, the World Wide Web (W3SVC) service must always be running. The HTTP SSL service will make a dependency on IIS if it detects that IIS is running. This means that the World Wide Web service (W3SVC) must be running whenever IIS and [!INCLUDE[ssRSnoversion](../../includes/ssrsnoversion-md.md)] are installed on the same computer and you are configuring report server URLs for TLS connections.
35
35
36
-
- Uninstalling IIS can temporarily disrupt service to an TLS-bound report server URL. For this reason, it is recommended that you restart the computer after you uninstall IIS.
36
+
- Uninstalling IIS can temporarily disrupt service to a TLS-bound report server URL. For this reason, it is recommended that you restart the computer after you uninstall IIS.
37
37
38
38
Rebooting the computer is necessary to clear all TLS sessions from cache. Some operating systems cache TLS sessions up to 10 hours, causing an https:// URL to continue to work even after the TLS binding has been removed from the URL reservation in HTTP.SYS. Rebooting the computer closes any open connections that use the channel.
39
39
@@ -58,7 +58,7 @@ ms.author: maggies
58
58
59
59
Report server database configuration is a requirement for testing the URL. If you have not yet created the report server database, do so before testing the URL.
60
60
61
-
URL reservations for Web Portal URL and the Report Server Web Services URL are configured independently. If you want to also configure the web portal access through an TLS-encrypted channel, continue with the following steps:
61
+
URL reservations for Web Portal URL and the Report Server Web Services URL are configured independently. If you want to also configure the web portal access through a TLS-encrypted channel, continue with the following steps:
62
62
63
63
1. Access the **Web Portal URL**.
64
64
@@ -74,7 +74,7 @@ ms.author: maggies
74
74
Certificate bindings will be stored in HTTP.SYS. A representation of the bindings you defined will also be stored in the **URLReservations** section of the RSReportServer.config file. The settings in the configuration file are only a representation of actual values that are specified elsewhere. Do not modify the values in the configuration file directly. The configuration settings will appear in the file only after you use the [!INCLUDE[ssRSnoversion](../../includes/ssrsnoversion-md.md)] Configuration tool or the Report Server Windows Management Instrumentation (WMI) provider to bind a certificate.
75
75
76
76
> [!NOTE]
77
-
> If you configure a binding with an TLS/SSL certificate in [!INCLUDE[ssRSnoversion](../../includes/ssrsnoversion-md.md)] and you later want to remove the certificate from the computer, make sure to remove the binding from [!INCLUDE[ssRSnoversion](../../includes/ssrsnoversion-md.md)] before you remove the certificate from the computer. Otherwise, you will be unable to remove the binding by using the [!INCLUDE[ssRSnoversion](../../includes/ssrsnoversion-md.md)] Configuration tool or WMI and you will receive an "Invalid parameter" error. If you have already removed the certificate from the computer, you can use the Httpcfg.exe tool to remove the binding from HTTP.SYS. For more information about Httpcfg.exe, see the Windows product documentation.
77
+
> If you configure a binding with a TLS/SSL certificate in [!INCLUDE[ssRSnoversion](../../includes/ssrsnoversion-md.md)] and you later want to remove the certificate from the computer, make sure to remove the binding from [!INCLUDE[ssRSnoversion](../../includes/ssrsnoversion-md.md)] before you remove the certificate from the computer. Otherwise, you will be unable to remove the binding by using the [!INCLUDE[ssRSnoversion](../../includes/ssrsnoversion-md.md)] Configuration tool or WMI and you will receive an "Invalid parameter" error. If you have already removed the certificate from the computer, you can use the Httpcfg.exe tool to remove the binding from HTTP.SYS. For more information about Httpcfg.exe, see the Windows product documentation.
78
78
79
79
TLS bindings are a shared resource in Microsoft Windows. Changes made by [!INCLUDE[ssRSnoversion](../../includes/ssrsnoversion-md.md)] Configuration Manager or other tools like IIS Manager can impact other applications on the same computer. It is a best practice to use the same tool to edit bindings that you used to create the bindings. For example if you created TLS bindings using Configuration Manager, then it is recommended you use Configuration Manager to manage the life cycle of the bindings. If you use IIS manager to create bindings, then it is recommended you use IIS manager to manage the life cycle of the bindings. If IIS is installed on the computer before [!INCLUDE[ssRSnoversion](../../includes/ssrsnoversion-md.md)] is installed, it is a good practice to review the TLS configuration in IIS before configuring [!INCLUDE[ssRSnoversion](../../includes/ssrsnoversion-md.md)].
0 commit comments