SharePoint 2013 : Configuring an on-premise farm for Apps
April 7, 2013 2 Comments
At Ridgian we’ve stood-up an on-premise SharePoint 2013 Farm. Well actually it’s running in Windows Azure under an extension to our own AD and one thing we wanted to test and run through is configuring the Farm for Apps. Basically setting up our own App Store.
Now TechNet have a an article http://technet.microsoft.com/en-us/library/fp161236.aspx which is a really good article and quite easy to follow. There is one problem though. If you are using SSL and do actually configure a separate DNS domain for your Apps, the article is incomplete. There is one extremely important item missing and this item results in you always getting redirected to a 404 “Page Not Found” when you deploy and run your App.
Luckily Chris Whitehead, bless him, a Microsoft Premier Field Engineer has filled in the essential detail in his blog article http://blogs.technet.com/b/mspfe/archive/2013/01/31/configuring-sharepoint-on-premise-deployments-for-apps.aspx which took me quite a while to track down.
The missing item in the TechNet article is the “Routing Web Application”. Basically when you have set up everything as per the TechNet article, I was left wondering how does SharePoint actually know where to redirect the request to when all the Apps have a dynamically created DNS name such as apps-12345678abcdef.yourappsdomain.co.uk . Yes, it exists in DNS as a wildcard entry against your Apps server, but the server itself has no knowledge of this domain name and so refuses the request. The trick is in this final step which Chris mentions but the TechNet article omits. You create a new Web Application through SharePoint which has either:
- A different IP address to the main SharePoint Domain or …
- No Host Header if it shares the same IP address as the main SharePoint Domain.
This means that the server can now respond to any dynamically generated DNS name and SharePoint internals handles the fiddly routing bit. Now since we’ve run up our servers in Azure we cannot grant our Apps domain a separate IP address. This results in another issue. We end up with the Apps domain Web Application using the same certificate as the main SharePoint domain, so we get a certificate error coming up. So on your production domain you need to have two IP addresses available in order to successfully implement an App Store using SSL without certificate errors.
I thought this stuff was meant to be getting easier!
In summary read both the TechNet and Chris Whitehead’s articles if you want to successfully run up a production App Store on-premise and make sure you have 2 IP addresses available. One for the SharePoint domain, one for the App domain.
Hope this helps