Add a SharePoint 2010 RSS Viewer Web Part to a page and configure it to read from an external SSL (HTTPS:) feed. The following message will be displayed:
"The requested RSS could not be displayed. Please verify the settings and url for this feed. If this problem persists, please contact your administrator."
Checking the event logs of the web front ends will also show the following message:
"An operation failed because the following certificate has validation errors" ...
The problem is that SharePoint does not utilize the Windows certificate store, it maintains it's own. So, in order for the RSS Viewer to properly display the feed, the root Certificate Authority (CA) certificate must be added to SharePoint. To do this, perform the following steps:
Export Root Certificate
- Log onto the server running Central Administration
- Open the site containing the RSS feed that SharePoint should display with Internet Explorer. These instructions pertain to IE8/9.
- Display the site certificate details by clicking on the padlock and selecting View certificates
- Follow the certification path to the root certificate by selecting the Certification Path tab and selecting the top certificate
- Click View Certificate
- Click the Details tab
- Click Copy to File
- This will start the Certificate Export Wizard. Click Next on the welcome screen
- Click Next on the Export File Format screen
- Enter a filename for the root CA and append .cer, for example, c:\certs\thawte.cer.
- Click Next
- Click Finish
Create Central Administration Trust
- Launch Central Administration
- Click Security
- Within the General Security section, click Manage Trust
- Click New
- Enter a descriptive name for the trust. For example, "Thawte Trust", "Verisign Trust", etc.
- For the Root Authority Certificate, click Browse and locate the exported certificate
- Click OK to establish the trust relationship
The secure RSS feed should now display properly.
If you need to run T-SQL scripts/queries that utilize the xp_cmdshell stored procedure, SQL must be reconfigured to allow this:
- Launch SQL Management Studio and connect to the SQL server
- In the left pane, right click on the server name and select Facets
- Select Surface Area Configuration from the Facet drop down.
- Double click on the line which reads XPCmdShellEnabled to change the value from False to True
- Click OK
Another thing to keep in mind is that the SQL Server service account must have permission to any files/folders that the stored procedure will create/modify/delete!