+1-888-365-2779
Try Now
More in this section

Forums / Deployment / Enable SSL for Sitefinity Admin on 4.01

Enable SSL for Sitefinity Admin on 4.01

10 posts, 0 answered
  1. Curt
    Curt avatar
    2 posts
    Registered:
    14 Feb 2011
    11 Mar 2011
    Link to this post
    Hello,

    I've reviewed several other posts which I thought relate to this, but none of the solutions seem to work for me.

    I am trying to enable SSL for the Sitefinity admin on our 4.01 installation.  I understand how to do that in IIS, and how to do this for individual pages created through Sitefinity.  I can't seem to find a working solution to enable the admin area for SSL.  It does not have to automatically redirect to SSL, although that would be great if it could.

    Can anyone provide some guidance to me on how to achieve this?

    Thanks
  2. Ivan Dimitrov
    Ivan Dimitrov avatar
    16072 posts
    Registered:
    25 Nov 2016
    11 Mar 2011
    Link to this post
    Hi Curt,

    You should see the SSL from IIS over Sitefinity directory of the web application.

    Best wishes,
    Ivan Dimitrov
    the Telerik team
  3. Curt
    Curt avatar
    2 posts
    Registered:
    14 Feb 2011
    11 Mar 2011
    Link to this post
    Hi Ivan,

    Thanks for the quick response.

    Actually, I did try setting the "require SSL" attribute in IIS 7 for the "Sitefinity" folder.  This did present me with a login to the Sitefinity admin area using the "https://mydomain.com/sitefinity" address.  But, once user credentials are entered and submitted, the browser seems to be forced back to "http://mydomain.com/sitefinity" on the following page and fails.  

    This also has a side effect that seems to prevent the rest of the site from getting our CSS document located in \website_root\App_Data\Sitefinity\WebsiteTemplates\project_name\App_Themes\project_name\Global\main.css .

    This made me think there may be some other explicit setting we need to make in order to prtect the Admin area with SSL, while allowing the rest of the site access to the CSS document.

    Is there some other setting that explicitly calls the "http" version of the site for admin?  We are using Windows 2008, 64-bit with IIS 7.

    Thanks for your help. 
  4. Neven Dinev
    Neven Dinev avatar
    43 posts
    Registered:
    29 Sep 2016
    18 Mar 2011
    Link to this post
    Hello Curt,

    The problem is actually a bug in sitefinity that forces http after login. Bug is loged #110815. So currently you can secure only your credentials during log in process.
     
    All the best,
    the Telerik team
  5. Gabe Sumner
    Gabe Sumner avatar
    440 posts
    Registered:
    09 Sep 2007
    22 Mar 2011
    Link to this post
    Hey Curt,

    Sorry for the troubles related to this bug.  I was poking around internally and I see this bug mentioned in the Q1 planning.  This release is just a couple weeks away (first week of April).  Hopefully we'll have a fix soon.

    Thanks for bringing this to our attention.

    Gabe Sumner
    Telerik | Sitefinity CMS
  6. Ian
    Ian avatar
    2 posts
    Registered:
    04 Feb 2011
    30 May 2011
    Link to this post
    Sorry for the multiple postings..  but does anyone have an update on this?
    I desperately need to be able to get the entire sitefinity backend (and all associated service calls) to be SSL secured. 
    I'm running SF 4.1 SP1.


  7. Boyan Barnev
    Boyan Barnev avatar
    1429 posts
    Registered:
    02 Dec 2016
    31 May 2011
    Link to this post
    Hi Ian,

    Here's a quick workaround - you can just provide the ceritficate in IIS and then you have to go and set SSL to each page individually (same goes for backend pages) by going to ~/Sitefinity/Pages and then click on Actions-> Edit Title and Properties and then form Advanced options tick the Require SSL checkbox.Please take a look at the attached screenshot for more information.


    All the best,
    Boyan Barnev
    the Telerik team
    Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items
  8. Bert
    Bert avatar
    6 posts
    Registered:
    17 Sep 2010
    29 Jul 2011
    Link to this post
    Hi We encounter the same problem running Sitefinity 4.1.1395.0

    Boyan, the workaround you describe is only possible on pages added in the CMS, but not on the /Sitefinity admin pages or am I missing something?

    Cheers,

    Bert van Nes
    Risa IT
  9. Boyan Barnev
    Boyan Barnev avatar
    1429 posts
    Registered:
    02 Dec 2016
    29 Jul 2011
    Link to this post
    Hello Bert,

    Actually backend pages are just like normal pages only their parent node is not Pages but Backend, besides that there are no notable differences in the ir functionality, and as such the same  require SSL property can be enabled. Actually you can use the pages API to get all pages (if you omit the filter for .LocatedIn(PageLocation.Frontend) the code will automatically get all pages including backend pages), and programatically set the RequireSSL property to "true" instead of going an manually ticking it on each page.

    All the best,
    Boyan Barnev
    the Telerik team
    Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items
  10. Bert
    Bert avatar
    6 posts
    Registered:
    17 Sep 2010
    29 Jul 2011
    Link to this post
    Hi Boyan,

    Thanks, I've found the backend pages in the Administration section :)

    As a faster workaround I looked up the database table [sf_page_data] and set  the value in column [require_ssl] for each record to 1.

    Cheers,
    Bert van Nes
    Risa IT
10 posts, 0 answered