+1-888-365-2779
Try Now
More in this section

Forums / Developing with Sitefinity / SSL Redirect to normal page

SSL Redirect to normal page

11 posts, 0 answered
  1. anndy
    anndy avatar
    7 posts
    Registered:
    10 Jun 2009
    29 Jul 2009
    Link to this post
    I have an SSL cert installed on the server.

    When ever I try to access the Cart pages with https://, it redirects me again to that page with http://
    I am not sure whts the reason.

    IS there any setting or something in administration side?


    Thanks.
  2. Ivan Dimitrov
    Ivan Dimitrov avatar
    16072 posts
    Registered:
    25 Nov 2016
    29 Jul 2009
    Link to this post
    Hello anndy,

    Have you set Require SSL property for Cart pages? Are you trying to access the back end or front end of your website?

    Best wishes,
    Ivan Dimitrov
    the Telerik team

    Instantly find answers to your questions on the new Telerik Support Portal.
    Check out the tips for optimizing your support resource searches.
  3. anndy
    anndy avatar
    7 posts
    Registered:
    10 Jun 2009
    29 Jul 2009
    Link to this post
    ok that was a trick. Now this is the issue.

    I have certificate for http://secure.test.com

    and the normal URL is http://test.com

    So when I enable Require SSL for a page from admin panel.

    if some1 is going to http://test.com/checkout.aspx it gives ssl error.
    but https;//secure.test.com/checkout.aspx works fine.

    Is there a easy way to get around this.

    So if some1 is coming to  http://test.com/checkout.aspx, it should be redirected to https;//secure.test.com/checkout.aspx


    Please reply
  4. SelAromDotNet
    SelAromDotNet avatar
    912 posts
    Registered:
    18 Jul 2012
    29 Jul 2009
    Link to this post
    you could add code-behind to the checkout.aspx page (or to a control running on this page) to check the host, and if it's not secure.test.com, redirect to that location:
    // make sure we're in the right domain  
    var host = new Uri(Context.Request.Url.ToString()).Host;  
    if (host != "secure.test.com")  
    {  
        var newUrl = "http://secure.test.com/checkout";  
        Context.Response.Clear();  
        Context.Response.Status = "301 Moved Permanently";  
        Context.Response.AddHeader("Location", newUrl);  
        Context.Response.End();  

    I'm using a similar approach to ensure users always include the www prefix on our web address, since our ssl certificate requires it.

    I hope this helps point you in the right direction!
  5. anndy
    anndy avatar
    7 posts
    Registered:
    10 Jun 2009
    29 Jul 2009
    Link to this post
    I made some manual changes in the links so on checkout page, it should point to https://secure.test.com/checkout.aspx.

    The problem:
    When I am on viewCart.aspx page which is non secure and has this domain: Http://test.com/viewcart.aspx

    From this page when I move to checkout.aspx page which has hardcoded URL https://secure.test.com/checkout.aspx, all the items in the cart are dropped and on the checkout page there are no items in the cart.

    My guess is that it is lossing the session.

    Any idea?
  6. prudhvi
    prudhvi avatar
    5 posts
    Registered:
    15 Sep 2006
    06 Oct 2010
    Link to this post
    Hello Admin,

    How would I enable 'Require SSL' for the entire sitemap that are created using Sitefinity. Is there a setting in web.config to enable SSL for the entire website.

    Thanks,
    Prudhvi
  7. Radoslav Georgiev
    Radoslav Georgiev avatar
    3370 posts
    Registered:
    01 Feb 2016
    06 Oct 2010
    Link to this post
    Hi prudhvi,

    You can add default properties for pages in the web.config. Open your web.config and go to cms configuration section. Then add a <pages> element and inside of it declare the default properties:
    <cms defaultProvider="Sitefinity" licenseFile="~/App_Data/LicenseFile.xml" pageExtension=".aspx" siteTemplate="" additionalExtensions=".html" projectName="Sitefinity37SP3" disabled="false" pageEditorUIMode="Overlay">
        <pages>
            <defaultProperties requireCaching="true" navigable="true" disableViewState="false" requireSSL="true" />
        </pages>


    Regards,
    Radoslav Georgiev
    the Telerik team
    Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items
  8. prudhvi
    prudhvi avatar
    5 posts
    Registered:
    15 Sep 2006
    06 Oct 2010
    Link to this post
    Do I also need to configure IIS SSL Settings to "Require SSL"? I did that and also the changes you recommended in web.config. I get "403 - Forbidden: Access is denied".

    I changed the "Require SSL" property of Page1.aspx from sitefinity (and SSL is working super fine for Admin)  to true and its working for this page. My other page Page2.aspx doesn't have the property set to true and I am getting the above exception when am trying to access this page.

    Am not sure if I am missing anything.

    Thanks,
    Prudhvi
  9. Radoslav Georgiev
    Radoslav Georgiev avatar
    3370 posts
    Registered:
    01 Feb 2016
    06 Oct 2010
    Link to this post
    Hi prudhvi,

    This setting in IiS is not required. If you have enabled this for your website in IIS than you must serve all pages through SSL.

    Regards,
    Radoslav Georgiev
    the Telerik team
    Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items
  10. prudhvi
    prudhvi avatar
    5 posts
    Registered:
    15 Sep 2006
    07 Oct 2010
    Link to this post
    Thanks.

    I believe I am really missing something here. I modified web.config with

    <cms defaultProvider="Sitefinity" pageExtension=".aspx" projectName="Thrive"
              disabled="false" pageEditorUIMode="Overlay">
                <pages>
                    <defaultProperties requireCaching="true" navigable="true" disableViewState="false" requireSSL="true" />
                </pages>
    ....

    Page1.aspx and Page2.aspx are what I am using for testing. When I visit both the (after the above changes to web.config) pages, I am redirected to http only and not https. I go to Page1.aspx and change its property "Require SSL" to true, and if I visit Page1, it takes me https, but Page2 still redirects to http only as its "Require SSL" is still set to false(default). My observation is, even if we modify web.config to the above changes you suggested, we need to go to each page and set its "Require SSL" property to true as Page2 is proving the same. I have 100s of page in my sitemap and I want all of them (including the SF Admin) to be SSL enabled and setting the property to each page is definitely not what I am looking to do.

    We are having big deployment happening this weekend and we are completely lost and are looking forward for your assistance.

    Thanks in advance.
  11. Ivan Dimitrov
    Ivan Dimitrov avatar
    16072 posts
    Registered:
    25 Nov 2016
    07 Oct 2010
    Link to this post
    Hi prudhvi,

    1. You can easily enable SSL of your pages programmatically as shown below

    var cmsManager = new CmsManager();
    IList allPages = cmsManager.GetPages();
    foreach(IPage page in allPages)
    {
       ICmsPage p = (ICmsPage)cmsManager.GetPage(page.ID, true);
       p.RequireSSL = true;
       cmsManager.SavePage(p);
    }


    2. <cms> node of the web config and its providers accepts the following parameters for SslRedirection

    •   ToHttpsOnly redirects only to HTTPS if RequireSSL  is true.
    •   None - no redirection regardless of the RequireSSL page property
    •   Both - this is the default Default - redirect in both directions regarding the RequireSSL property.



    Greetings,
    Ivan Dimitrov
    the Telerik team
    Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items
Register for webinar
11 posts, 0 answered