+1-888-365-2779
Try Now
More in this section

Forums / Bugs & Issues / Cannot edit pages if RequireSSL is set to true

Cannot edit pages if RequireSSL is set to true

22 posts, 0 answered
  1. John
    John avatar
    61 posts
    Registered:
    08 Jun 2012
    21 Mar 2012
    Link to this post
    Hello,

    We are running SF version 4.3.1885.0.
    We have recently turned on RequireSSL for all pages in our site - including all back-end pages. We are using self-signed certs on our dev environments. We do *not* have require ssl set to true in the IIS configuration.

    We are getting strange behavior, and some errors when trying to edit our front-end pages via the SF admin screens. With SSL enabled for all pages, we are unable to publish. When we try, we receive the following dialog box message:

    "The HTTP request was forbidden with client authentication scheme 'Anonymous'."

    If we set RequireSSL to "false" for the *back-end* pages, we are able to publish, but see other issues. For example, when dropping in a content block, we are not seeing the initial Edit Content icon. In addition, if we edit the contents of the block and save the changes, the changes are not reflected in the administrative Edit page view. We can preview the page and see the changes, and publishing the page and returning to edit mode will show the changes.

    We need to have SSL enabled for all of our pages, so turning off SSL is not an option for us. 

    Is there some other configuration setting necessary to properly enable SSL in Sitefinity? 

    Regards,
    John G.
  2. Veronica
    Veronica avatar
    125 posts
    Registered:
    30 Jan 2015
    23 Mar 2012
    Link to this post
    Hello,

    Basically there is no other setting that you need to apply in order to run the Pages in SSL encryption. However in your post you mentioned that you didn't set the "Require SSL" setting in the IIS. Is there any specific reason for that?

    Greetings,
    Veronica Milcheva
    the Telerik team
    Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items
  3. John
    John avatar
    61 posts
    Registered:
    08 Jun 2012
    23 Mar 2012
    Link to this post
    Hi Veronica,

    There is no need to set the Require SSL in IIS - it only serves to block access if HTTPS isn't used. However, we have tried with this setting on as well - with the same results.

    Is this an issue because we are using a self-signed cert? This is troubling since we won't be able to purchase a signed cert for testing, so we can't verify if the issue will go away in production.

    This seems to clearly be a bug - SF page administration behaves differently when the RequireSSL is set to true for a front-end page, which would be a pretty common scenario.

    Thanks for any help,
    John G

  4. Veronica
    Veronica avatar
    125 posts
    Registered:
    30 Jan 2015
    26 Mar 2012
    Link to this post
    Hello,

    Thank you for the information provided.

    After further investigation I found that this is actually a Known Issue in Sitefinity. After pressing the "Publish" of the page you cannot be redirected in the backend. However the page is published and you can access it by the url. Here's the PITS Issue Url so that you can track its status.

    Please accept my apologies for the caused inconvenience.

    All the best,
    Veronica Milcheva
    the Telerik team
    Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items
  5. GV
    GV avatar
    33 posts
    Registered:
    11 Sep 2009
    04 Apr 2012
    Link to this post
    Hi John,
    Did you mange to find a fix for this? We're struck with the same issue. After aplying SSL, we cannot edit the content and cannot delete any pages. Please let me know if you have a solution for this?
    Thanks
    Gopal
  6. John
    John avatar
    61 posts
    Registered:
    08 Jun 2012
    04 Apr 2012
    Link to this post
    Hi GV,

    No answer. All the help we got is in this thread. I left a question on the linked PITS issue, and it's the only comment in there.

    This sure seems like a significant issue to us. Protection for the admin section should be a priority.

    Regards,
    John
  7. Atanas Valchev
    Atanas Valchev avatar
    414 posts
    Registered:
    04 Jan 2016
    10 Apr 2012
    Link to this post
    Hi guys,

    If your Frontend behavior is normal with SSL enabled, workaround for the Backend issues is disabling SSL (form the page->Actions->Title and properties->Require SSL checkbox)->Clearing the browser cache-> Editing the page, publishing etc(you will be able to edit the page when SSL is off)->Enabling SSL again. I know it is a bit of a hassle but it is an option while the issue is being worked on.

    I apologize for the inconvenience caused.

     

    Kind regards,
    Atanas Valchev
    the Telerik team
    Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items
  8. Nicolas
    Nicolas avatar
    156 posts
    Registered:
    19 Jan 2011
    10 Apr 2012
    Link to this post
    Hi,
    Sitefinity > Administration > Settings > Advanced > ServicesPaths : set your url site without https.
    It's unlock publishing workflow for full https site.

    Regards,
    Nicolas
  9. John
    John avatar
    61 posts
    Registered:
    08 Jun 2012
    10 Apr 2012
    Link to this post
    Hi Nicolas,

    Thanks for the information.

    We looked into that suggested work-around before, but it's not so straight-forward for sites that must be deployed to multiple environments (like ours) without jumping through extra hoops to make sure that value is configured correctly in each different environment. For this reason, we have not yet tried this work-around.

    We did notice that there are several commented-out sections in the web.config file with notes similar to this:
    <!-- note: To enable https/SSL support for the Analytics module, uncomment this endpoint -->
    It's curious that these are explicitly provided for the Analytics module, but not for any other modules or services.

    Regards,
    John G
  10. Nicolas
    Nicolas avatar
    156 posts
    Registered:
    19 Jan 2011
    10 Apr 2012
    Link to this post
    Hi,
    I ve a full https site and we don't use Analytics. So we didn't uncomment and it has no impact.
    It's probably needed because this is a part of google webApp and requests are differents
    according to the protocol.

    Regards,
    Nicolas
  11. Guillermo
    Guillermo  avatar
    9 posts
    Registered:
    17 Feb 2012
    02 May 2012
    Link to this post
    Hi all,

    I'm running into the same refresh problem John mention when having a complete SSL secured site (both front and back ends) . Our users will have to hit preview all the time in order to see the changes on the pages.  Weird thing is that this do not happen when designing templates.  I realized that the update of the content fails for a service call that looks like this:

    ControlPropertyService.svc/batch/4f0658d7-f387-4718-b8ad-3f4f475f3511/?pageId=5a809ee7-34b5-4519-ab62-f1919b8459bc&mediaType=Page&checkLiveVersion=False&upgradePageVersion=False&propertyLocalization=0&isOpenedByBrowseAndEdit=false

    with the following error message:
    {"Detail":"Guid should contain 32 digits with 4 dashes (xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx)."}
    
    As Nicolas suggest, I tried to change the ServicePath property on Administration > Settings > Advance > System > ServicesPaths and set the WorkflowBaseUrl property to my root on http without success.
    
    As soon I disable "Required SSL" checkbox, my page start working fine again.  
    
    Does anyone has any suggestion that may help overcome this problem?
    
    Thanks
    
    
  12. Nicolas
    Nicolas avatar
    156 posts
    Registered:
    19 Jan 2011
    02 May 2012
    Link to this post
    Hi,
    I set required ssl only on Sitefinity folder not on all web site.

    Regards,
    Nicolas
  13. Dan Sorensen
    Dan Sorensen avatar
    256 posts
    Registered:
    13 Aug 2010
    02 May 2012
    Link to this post
    Nicolas: Do you have any App_Data folders, such as themes? I heard that they are mapped under "Sitefinity". If so, wouldn't setting SSL to all of "Sitefinity" affect the front end site?

    I wish there was a simple way to enable or disable SSL for various pages.
  14. Nicolas
    Nicolas avatar
    156 posts
    Registered:
    19 Jan 2011
    03 May 2012
    Link to this post
    Hi,
    I made a bad explanation there are two folders Sitefinity and it can be confused.
    Sitefinity folder are on root (it contains Services), this is not the one under App_Data.

    Regards,
    Nicolas
  15. Nicolas
    Nicolas avatar
    156 posts
    Registered:
    19 Jan 2011
    03 May 2012
    Link to this post
    The process I follow for a full https site under IIS 6.5:
    - Required SSL on Sitefinity folder on root (it contains Services)
    - Set all pages [require_ssl] to 1 into sf_page_data datatable
    - Configure Sitefinity > Administration > Settings > Advanced > ServicesPaths with root url site without https

    Originally I wanted only Sitefinity backend in https but did not allow it. Maybe on next version.
  16. Guillermo
    Guillermo  avatar
    9 posts
    Registered:
    17 Feb 2012
    03 May 2012
    Link to this post
    Thanks Nicolas for clear that out. I will try it and hope that works for me too... 
  17. Spiro
    Spiro avatar
    1 posts
    Registered:
    01 Apr 2009
    04 May 2012
    Link to this post
    Hi Nicolas.

    By setting the "ServicesPaths" property you mean  Sitefinity > Administration > Settings > Advanced > System > ServicesPaths> WorkflowBaseUrl

    I tried setting it to http://my_site_url and http://my_site_url/Sitefinity/Services/ but that didn't help. What value did you use?
  18. Nicolas
    Nicolas avatar
    156 posts
    Registered:
    19 Jan 2011
    09 May 2012
    Link to this post
    Hi Spiro,
    I use base url http://my_site_url/, you don't have to specify directly path to services.
    This configuration is useful only to avoid blocking Sitefinity's workflow publication in backend.

    If your https configuration is correct event without this, you should be able to navigate on your site.

    Regards,
    Nicolas
  19. John
    John avatar
    61 posts
    Registered:
    08 Jun 2012
    09 May 2012
    Link to this post
    The big problem here in our opinion - and this does not appear to be fixed in v5 either - is that the administrative pages do not behave correctly for public pages that are under SSL. You have to save as draft, or publish, pages before you can see your changes in the admin screens.

    This is not to mention that setting the backend to use SSL causes additional problems. Maybe these can be addressed via the services URL config setting, but this seems like more of a work-around than a solution. This work-around complicates the deployment process (you'll need to remember to set it correctly in each environment you need to deploy to, or create scripts to manage this for you).

    John G

  20. Nicolas
    Nicolas avatar
    156 posts
    Registered:
    19 Jan 2011
    09 May 2012
    Link to this post
    Hi John,
    I have a configuration for preview with SSL.

    Administration > Settings > Advanced > System > Site Url Settings

    Before 5.x:
       - Check Replace Site URL checkbox
       - Site URL => https://mysite/
    5.x +:
       - Check Enable non-default Site URL Settings
       - The Host => mysite/

    Regards,
    Nicolas
  21. Guillermo
    Guillermo  avatar
    9 posts
    Registered:
    17 Feb 2012
    05 Jun 2012
    Link to this post
    Hi all,

    I'm still without luck setting my site under SSL.
    I will like to note that as soon as I place a content block in the page, the ZoneEditorService.svc failed and this is the error on the logs:

    Type : System.NullReferenceException, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
    Message : Object reference not set to an instance of an object.
    Source : Telerik.Sitefinity
    Help link : 
    Data : System.Collections.ListDictionaryInternal
    TargetSite : System.Web.UI.Page CreateHandler(System.Web.Routing.RequestContext, System.Web.UI.ITemplate)
    HResult : -2147467261
    Stack Trace :    at Telerik.Sitefinity.Web.RouteHandlerBase.CreateHandler(RequestContext requestContext, ITemplate pageTemplate)
       at Telerik.Sitefinity.Web.UI.ControlLiteralRepresentation.Render(HtmlTextWriter writer)

    Regards
  22. Michael
    Michael avatar
    67 posts
    Registered:
    16 Mar 2012
    05 Sep 2012
    Link to this post
    I'm struggling with this at the moment. Telerik support suggested setting all back end pages to RequireSSL (Which we did). However, the authentication check that is done in certain places on the back end interface seems to be a redirect to another page to check permissions or something, and it passes the URL that is trying to get to to it (/Sitefinity/Authenticate/SWT?URL). When that URL is an HTTP URL (e.g., when you are in Pages, and trying to edit a page that DOESN'T have RequireSSL marked and your backend pages all DO have RequireSSL marked, or vica versa) this jump from HTTPS to HTTP breaks the Sitefinity authentication method.

    This is a bug that Telerik has to fix on their end as far as I can tell.
22 posts, 0 answered