Hi, I am installing SSRS 2008 currently and am trying to ensure that all reports are delivered encrypted, via the certificate we have on the server. I have the default config for SSRS after installation and have added the certificate to Report Server and Report Manager. I can now access https://server/reportserver_instance and https://server/reports_instance and the certificate is acknowledged by the browser.
However, I can still access http://server/reportserver_instance and http://server/reports_instance and get unencrypted content. When I removed the port 80 connection via the advanced tab the report server ceases to provide any content and I get "The underlying connection was closed: An unexpected error occurred on a send."
Any thoughts, suggestions, solutions welcomed!
asked Aug 05 '10 at 02:27 AM in Default
Start -> Run -> inetmgr. Navigate to the report server site and check the value of the Enabled Protocols. If it is set to http (or https) then both protocols are enabled. This is a problem because the site is listening on both ports (80 and 443) and serves http requests which is not what you want. The details of the Enabled Protocols settings have this in the details frame:
I believe that this means double-clicking on SSL Settings and then making sure that Require SSL checkbox is checked. What this should accomplish is the following: when the client sends a plain vanilla http request to the report server site, the latter will bark, stating that no http connections are allowed and https should be specified as a protocol. From what I understand, you have already configured secure bindings before, so your report server site does accept https connections.
Hope this helps, I can see how availability of http can be really annoying if the site in question is meant to work over secure socket layers only.
answered Aug 07 '10 at 03:45 PM
I think you need to set SecureConnectionLevel to 3:
answered Aug 05 '10 at 05:37 AM