HOW TO SETUP PBRS TO USE A Certificate

by | Dec 11, 2019 | ConfigMgr, How-To, SQL Server Reporting Services, Tips | 17 comments

Last updated on December 22nd, 2023 at 12:17 pm

The blog post was originally post in 2019, however based on feedback, update it to provide more details. It is continuation from How To Request Certificate to Use HTTPS / SSL On SSRS or PBRS, where I left off after showing you how to prepare Power BI Report Server (PBRS) or SQL Server Reporting Services (SSRS) for the server (website) certificate. In this post, I show you how to complete the process of How To Setup PBRS To Use Certificate.

Note

I will be showing PBRS but the steps are exactly the same for SSRS. As such when I say PBRS I also mean SSRS unless I directly say otherwise.

If you recall, previous blogs, I covered all of the steps needed to request the server certificate for use with PBRS. In some cases, you will also need to change the PBRS execution account to use the Network services account.

Next, in this post, I show you how to setup PBRS use the certificate for HTTPS, test the PBRS website.

The overall process is as follows:

  • Using Certificate plug in for MMC, request the certificate
  • Setup PBRS to use the server certificate.
  • Test the PBRS website.
  • Clean-up.
  • Removed Port 80 from PBRS

SETUP PBRS TO USE HTTPS PREREQUISITES

In order to put together this step-by-step guide, I created a new virtual machine (VM) memrp2 and then installed SQL Server 2019 (using the SQL 2017 guised and nothing has really changed How to Install SQL Server 2017). Next, I installed PBRS itself, use the SSRS 2017 guide (How to Install SQL Server Reporting Services 2017). Long ago, I setup a domain certificate authority in my domain, so you should have the same too. I will make it a ConfigMgr reporting point after I setup the SSL/HTTPS. Now we are at our stating point. From here, I will show you how to setup SSRS to use HTTPS.

Before continuing, make sure that you review and complete the steps within the first blog post: 

  • How To Request Certificate to Use HTTPS / SSL On SSRS or PBRS

SETUP PBRS TO USE THE SERVER CERTIFICATE

Web Service URL before selecting Cert.

Open Report Server Configuration Manager and select the Web Service URL node.

Selecting the Cert for PBRS

In the HTTPS Certificate drop-down, select the friendly name of the certificate that you created earlier. In my case the FQDN of the server.

Selected Certificate

Click on the Apply button and wait for the results to complete. This might take several minutes.

Warning Message

The specified url was unexpectedly reserved. The previous reservation has been overridden.

The specified url may have been reserved by another product.

If you receive this warning message, click OK to continue. I found that this warning message does not cause any issues. As such, I recommend, however, testing the URL to confirm that it works correctly. I cover how to do that in the next section.

Web Portal URL

Click on the Web Portal URL node. Next, click Advanced.

Advanced Windows before adding Cert

Under the Multiple HTTPS Identities for the currently Reporting Services feature, click on the Add button.

Selected Cert for Report URL.

Select the Certificate drop-down and choose the friendly name of the certificate that you created earlier. If you want (All IPv6) addresses too, select that from the IP Address drop-down.

Click OK.

Advanced window showing selected Cert

Click OK.

Successfully applied Cert to Report URL

Wait for the Results window to say: The task completed successfully.

Make note of the HTTPS URL above. You will need to remember it when you go to test the SSRS website in the next section.

TEST THE PBRS WEBSITE

Testing Web Service URL using link within the Report Server Configuration Manager

Back on the Web Service URL node, click on the HTTPS URL listed in the Report Server Web Service URLs section. In my case, it is https://memrp2.op.memreports.com/PBReportServer and remember I’m not using the default name. Your will like say ReportServer.

ReportServer URL in a browser

This action launches a browser and connects to the ReportServer URL. A successful install looks similar to the one above.

If you see ConfigMgr_<site code>.OLD.* this means that the SCCM Reporting Point was active during the update to HTTPS, so this folder can be deleted. Details about how to delete the folder are covered a bit later on in this blog post.

Changing to Report URL

Next, add the text, “Reports,” to the end of the URL and hit Enter in order to continue. This URL should match the URL that you noted previously in the Web Portal URL section. In my case it is: https://memrp2.op.memreports.com/PBReports and remember I’m not using the default name. Your will like say Reports.

Report URL in a browser

A successful site looks similar to the image above.

Using the same URL, https://memrp2.op.memreports.com/PBReports, browse to the HTTPS site from a remote computer. This test should also be successful, but if not, check your firewall ports. If you need additional help, check out my post, Why Can’t I Access My SSRS Site Remotely? It is written for HTTP, but the steps still apply for HTTPS, except instead of using port 80, use 443. Everything else in that blog post is the same for HTTPS.

With that last step successfully completed, SSRS is leveraging HTTPS (mostly).

Video on How to Setup PBRS to use a Certificate

CLEAN-UP: HOW TO DELETE CONFIGMGR_<SITE CODE>.OLD.*

Initially, I was going to show you how, in this post, to clean-up the “OLD” folder. In any case, I found out that I already published a post, not too long ago, on how to do that! Please check out, “How to Delete SSRS Reports and Folders,” for more details.

Lastly, I would like to thank Niall Brady for giving me the excuse to write this blog post. If you have any questions about how to setup PBRS to use HTTPS, please feel free to touch base with me @GarthMJ.