Changing the Port and Host Header for the Central Administration Web Application

The first server in a SharePoint farm that runs the SharePoint Products and Technologies Configuration Wizard provisions the SharePoint Central Administration web application and SharePoint configuration database. This Central Administration web application uses the server’s name as its host header, and by default a random port number. It also creates a content database for the Central Administration web application, which I previously discussed how to rename.

Using a non-default port adds an extra security layer that follows our defence in depth best practices. Firewalls are more likely to block traffic on these non-default ports, isolating access to SharePoint’s Central Administration. In other situations however, it may be desirable to access the Central Administration using friendlier URLs like the default HTTP over port 80, or preferably HTTPS over port 443. One place I like to use default HTTP/HTTPS ports is in my lab so I can follow a simple naming convention like https://spadmin and not have to remember port numbers.

Following are the steps I find work best for me when I want to change the Central Administration web application’s port and host header:

  1. Navigate to the “Application Management” tab in SharePoint Central Administration.

  2. Click the Create or Extend Web Application link.

  3. Click the Extend an existing Web application link.

  4. Select the “SharePoint Central Administration v3” web application.

  5. Enter the port (i.e. 80 or 443) and the host header that matches an available DNS entry you have set up (i.e. “spadmin”). If desired, select the “Use Secure Sockets Layer (SSL)” option.

  6. Verify the URL matches (i.e. “https://spadmin:443”) and click OK.

  7. Test the new URL.

I’ve found it best not to change the Default value in the Alternate Access Mapping from the one SharePoint assigned with the SharePoint Products and Technologies Configuration Wizard as that wizard can experience errors if you have to run it again, like after applying a service pack. Instead leave your custom URL in the intranet mapping field.