Overview
The SharePoint Apps Environment has been available since SharePoint 2013. The documentation available for configuring the environment is somewhat all over the place. If you want to learn how to configure SharePoint 2019 Apps environment, especially with SSL support, read on!
Example Settings
The following settings will be used for setting up the apps environment in this example:
Company Name: Uber Widgets
Portal Web App: Uber Widgets
Portal URL: https://portal.uberwidgets.com
APPS Web App: Uber Widgets Apps
APPS URL: https://uberwidgets-apps.com
DNS
Configure a domain name for your apps. The domain should not be a subdomain of the domain that hosts the SharePoint sites. For example, if your portal domain is uberwidgets.com, consider using something like uberwidgets-apps.com and NOT apps.uberwidgets.com.
Create a wildcard alias record for the new domain. The alias name should be * (asterisk). For example, *.uberwidgets-apps.com. The CNAME record should point to the SharePoint portal.
Example 1: There is a single web front end serving content for https://portal.uberwidgets.com. The DNS name portal.uberwidgets.com points to the web front end. Point the CNAME record to the fully qualified domain name (FQDN) of the web front end.
Example 2: There are 3 load balanced web front ends serving content for https://portal.uberwidgets.com. The DNS name portal.uberwidgets.com points to the load balancer. Point the CNAME record to the FQDN of the load balancer.
SSL Wildcard Certificate
If the SharePoint portal is using HTTPS/SSL, use SSL for the apps. The domain should be added in the form of a wildcard. For example: *.uberwidgets-apps.com. The issued certificate must be in PFX format.
Create Apps SSL Web Application
Server Name Indication
If the existing web application is using SSL, enable "Server Name Indication" in IIS. Otherwise only one IIS site can run on port 443.
- IIS > Sites > SharePoint Site > Bindings > Check/Enable "Require Server Name Indication"
Create Apps Web Application
- Central Admin > Application Management > Manage Web Applications > New
- Create a new IIS web site
- Name: Uber Widgets Apps
- Port: 443
- Host Header: LEAVE BLANK -- CANNOT HAVE HOST HEADER!!!
- Path
- Default will be c:\inetpub\wwwroot\wss\VirtualDirectories\*port*
- Suggest changing to something more descriptive like the web application name, UberWidgetsApps for example
- Allow Anonymous: NO
- Use Secure Sockets Layer (SSL): YES
- URL: https://uberwidgets-apps.com
- Either create a new application pool for the web application or use an existing pool. For example, create application pool "UberWidgetsApps"
- Specify the database server and database name. For example: SP_Content_Apps
Bind SSL Certificate
- Log onto each web front end
- Copy the SSL wildcard certificate to each web front end
- Double click the PFX file
- Store location: local machine
- Certificate Store: Automatically select the certificate store based on the type of certificate
- IIS > Sites > Apps Site > Edit Bindings
- Host Name: *
- SSL Certificate: the certificate that was just installed, *.uberwidgets-apps.com for example
Create Top Level Site Collection for Apps Web Application
- Central Admin > Application Management > Create Site Collections
- Web Application: https://uberwidgets-apps.com
- Title: Uber Widgets Apps
- URL: https://uberwidgets-apps.com
- Template: Team Site
- Primary Site Collection Administrator: farm install account
Create Subscription Settings Service
Enable automatic provisioning of the Microsoft SharePoint Foundation Subscription Settings Service as follows:
- Central Admin > System Settings > Manage services in this farm
- Microsoft SharePoint Foundation Subscription Settings Service > Enable Auto Provision
Create Subscription Settings service application and proxy as follows:
- Launch SharePoint Management Shell as Administrator
- The following PowerShell commands will create the Subscription Settings service application and proxy. Change the application pool name to an existing application pool in your environment.
$sa = New-SPSubscriptionSettingsServiceApplication -ApplicationPool "ServiceApps" -Name "Subscription Settings Service" -DatabaseName "SP_Service_SubscriptionSettings"
$proxy = New-SPSubscriptionSettingsServiceApplicationProxy -ServiceApplication $sa
Create App Management Service
Create App Management service application and proxy as follows:
- Launch SharePoint Management Shell as Administrator
- The following PowerShell commands will create the App Management service application and proxy. Change the application pool name to an existing application pool in your environment.
$sa = New-SPAppManagementServiceApplication -ApplicationPool "ServiceApps" -Name "App Management Service" -DatabaseName "SP_Service_AppManagement"
$proxy = New-SPAppManagementServiceApplicationProxy -ServiceApplication $sa -Name "App Management Service Proxy"
Create App Catalog
Each web application can have its own app catalog. Create an app catalog as follows:
- Central Admin > Apps > Manage App Catalog
- For this example, select the Uber Widgets web application
- Select "Create a new app catalog site" and click OK
- On the Create App Catalog page, in the Title box, type a title for the App Catalog site such as "Apps"
- In the Description box, type a description for the site if desired
- In the URL box, fill in the URL to use for the site. For example, https://portal.uberwidgets.com/sites/apps
- In the Primary Site Collection Administrator section, in the User Name box, type the user who will manage the catalog
- In the End Users section, in the Users/Groups box, type the names of the users or groups that you want to be able to browse the catalog.
- Added users or groups have read access to the App Catalog site
- You can add multiple user names and security groups
- Users must be added as End Users to be able to browse the App Catalog from their site collections
Configure App URLs
The last step is to configure App URLs as follows:
- Central Admin > Apps > App Management > Configure App URLs
- App Domain: For this example, uberwidgets-apps.com
- App Prefix: Whatever you like, app for example
Congratulations! The SharePoint 2019 apps environment should now be fully operational.