Changing the Port Number and Enabling SSL for SharePoint Central Administration Site


One of the common questions I get on the field is how to change the port number on Central Administation site.

Common mistake that admins do is just replacing the port number in Internet Information Server and fixing record in Alternative Access Mappings (AAM). But in this case settings are not stored in the Sharepoint database and the next time SharePoint Configuration is run, the settings will no longer be valid. Why? Because older settings were stored in a database.

You can imagine that most of the calls I got were when customers deployed SP1 on their farm, and just of a sudden Central administration stopped working...

There are two known procedures (maybe even more...).

Option A: Unprovisioning and provisioning of new CA site

The idea is to unprovision the old CA site and provision the new one. Complete procedure is explained on a Brett's Blog Adding Kerberos & SSL to Central Administration.

This procedure has some drawbacks and have to be careful if you made some customizations to the CA site or you made modifications to the CA's web.config file.

Option B:  STSADM command (getadminport, setadminport)

I think this approach is much better one. STSADM has a a switch you can use to read and set the port number or enable/disable SSL for Central Administration site.

To read settings:

If you are not sure what settings are stored in database, you can check with the command:

stsadm.exe -o getadminport

CA-getadminport

To change the settings:

stsadm.exe -o setadminport

Command has a few switches:

CA-setadminport-1

To change the port number:

stsadm.exe -o setadminport -port <port>

 CA-setadminport-2

To enable SSL:

stsadm.exe -o setadminport -port <port> -SSL

CA-setadminport-3

For SSL to work you also need to import the certificate in the IIS console (Same as for any ordinary web site).

Technorati Tags: , , , ,

2009/08/25 Updated for typos. (Thanks to erosen03)


Comments (3)
  1. erosen03 says:

    Great post! I think you have a typo on the last stsadm command line "to enable ssl":

      … getadminport …

    Should read:

      … setadminport …

    I think its a copy/paste thing, because your screenshot shows the correct operations 🙂

  2. Where is the information for getadminport stored. I can successfully retrieve the current port number however when I attempt to set it– I receive an error.

  3. Hi Thomas,

    You should check the error in event log. Post it here and maybe I can help.

Comments are closed.

Skip to main content