6.2 Ensure SharePoint is configured with HTTPS connections

Information

By default, communication between Web servers and service applications within a farm
takes place by using HTTP with a binding to TCP 32843. Configurations should be changed
to enable SSL/TLS based HTTPS connections with a binding to TCP port 32844 instead.

Rationale:

Forcing communication over HTTPS TCP 32844 hardens the communication between
service applications will help to secure the communications against potential compromise

NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.

Solution

On the Service Applications page in Central Administration, select the service application,
and then click Publish.

See Also

https://workbench.cisecurity.org/files/2395

Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|SC-8, CSCv6|9, CSCv6|14.2, CSCv7|14.4

Plugin: Windows

Control ID: e8f03f7554d27cc2ca17791fd1e67e1da3542a1764f5fdf15f52f8eeb7fc73d6