CHAPTER 11 SECURING REPORTSSSL section, and in the Certificate drop-down select the certificate you just created. You can also
configure a different port or specify an IP address for use, but we will be using the default for both.
Figure 11-5 shows you how the configuration screen should look.
After clicking OK on both open dialogs, the SSRS Server configures and binds the new URL/port
combination, and the URL is then ready for use. You will now see two URLs for use in the identification
section of the Reporting Services Configuration Manager.
Figure 11-5. Configuring the HTTPS URL
Capturing HTTPS Traffic
Now that you have the certificate installed, let’s return to Network Monitor and capture the running
reports, this time using https in the URL to the report server on PROSSRS in this example, which
instructs the browser to connect to the site with SSL on port 443, instead of HTTP on port 80.
The first thing you may run into when you navigate directly to the secure report manager is a
warning that the certificate has not passed all the criteria to be trusted because it does not come from a
known certificate authority (see Figure 11-6).
You can select Continue to This Web Site because you do indeed trust the site. You could also install
the certificate on the local machine by clicking the lock at the bottom of the browser and selecting Install
Certificate so that you will not be prompted with this message again. Installing the certificate in the local
client’s certificate store causes the browser to automatically trust the site. These steps are not required
for known certificate authorities such as VeriSign but are required for this self-assigned certificate.
At this point, you can access Report Manager with either HTTP or HTTPS since we have not
removed the ability to access via port 80 in the Reporting Services Configuration Manager. You can
control the required level of security in a few ways.