

Add a Trusted Root Authority to your SharePoint Farm

The next step in protecting the ClaimsWS service is adding a trusted root authority to your SharePoint farm.

Your SharePoint farm requires a new trusted root authority to identify and authenticate the information that it receives from the claims service. Create a trusted root authority on your SharePoint 2010 central administration server.

Follow these steps:

  1. Copy the certificates for the ClaimsWS service from the system hosting your Agent for SharePoint to a directory on your SharePoint central administration server. Include the signed certificate that you downloaded from your certificate authority (certnew.cer file) and all the certificates in the certificate chain (certnew.p7b).
  2. Open the SharePoint 2010 central administration site.
  3. Click Security.
  4. Under General Security, click Manage trust.
  5. Click New.

    The Create Trusted Relationship dialog appears.

  6. Enter a name for the trust relationship.
  7. Click the Browse button next to the Root Authority Certificate, and then locate the certificate that you copied over in Step 1.
  8. Click OK.
  9. Repeat Steps 1 through 8 for each Certificate Authority certificate in your certificate chain. For example, if your certificate chain includes three certificates, repeat these steps three times.

    The trusted root authority is created.

  10. Continue by configuring the mutual trust relationship between the CA SiteMinder claims provider and the ClaimsWS.
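
The same trust relationships can be created from the SharePoint 2010 Management Shell with the `New-SPTrustedRootAuthority` cmdlet. The following script is an added example, not part of the original product documentation; the path `C:\certs\certnew.p7b` and the `ClaimsWS - ` name prefix are assumptions, and it reads Step 9 as applying only to the certificates in the chain file that are marked as CA certificates.

```powershell
# Added example: run in the SharePoint 2010 Management Shell on the
# central administration server, as a farm administrator.
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

# Assumption: location of the chain file copied over in Step 1.
$chainPath = 'C:\certs\certnew.p7b'

# Load every certificate contained in the PKCS #7 chain file.
$chain = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2Collection
$chain.Import($chainPath)

# Thumbprints the farm already trusts, so a rerun does not create duplicates.
$trusted = @(Get-SPTrustedRootAuthority | ForEach-Object { $_.Certificate.Thumbprint })
$now = Get-Date

foreach ($cert in $chain) {
    $subject = $cert.GetNameInfo('SimpleName', $false)

    # Register only CA certificates (basic constraints CA = true).
    $bc = $cert.Extensions | Where-Object {
        $_ -is [System.Security.Cryptography.X509Certificates.X509BasicConstraintsExtension]
    }
    if (-not $bc -or -not $bc.CertificateAuthority) {
        Write-Host "Skipped (not a CA certificate): $subject"
        continue
    }
    # Refuse certificates that are outside their validity period.
    if ($now -lt $cert.NotBefore -or $now -gt $cert.NotAfter) {
        Write-Warning "Skipped (not currently valid): $subject"
        continue
    }
    if ($trusted -contains $cert.Thumbprint) {
        Write-Host "Already trusted: $subject"
        continue
    }

    # Show the thumbprint so it can be compared with the value your
    # certificate authority publishes; -Confirm prompts before each trust is created.
    Write-Host "Adding $subject  thumbprint $($cert.Thumbprint)"
    # Assumption: 'ClaimsWS - ' is an illustrative name prefix.
    New-SPTrustedRootAuthority -Name "ClaimsWS - $subject" -Certificate $cert -Confirm | Out-Null
}

# List the resulting trust relationships for review.
Get-SPTrustedRootAuthority | Select-Object Name, @{ n = 'Thumbprint'; e = { $_.Certificate.Thumbprint } }
```

The entries created this way appear under Security > Manage trust in the central administration site, the same list that Steps 3 through 8 populate.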