Forums

Skip Navigation LinksHome / Developer Network / Forums / Sitefinity Older Versions (3.x): Deployment > SSL Issue

SSL Issue

Feed from this thread
  • VIJAIANAND Intermediate avatar

    Posted on May 12, 2011 (permalink)

    We are working on deploying our site currently in dev server with SSL. We added the SSL on the sitefinity site and made the page to require SSL but it still not picking up SSL. It just repoints to the http://. Whats the deal? We need help.

    Reply

  • Ivan Dimitrov Ivan Dimitrov admin's avatar

    Posted on May 13, 2011 (permalink)

    Hello VIJAIANAND,

    Inside <cms> node of website config file you could try adding one of following parameters that affect the SSL redirection.

    • ToHttpsOnly redirects only to HTTPS if RequireSSL  is true.
    • None - no redirection regardless of the RequireSSL page property
    • Both - this is the default value- redirects in both directions regarding the RequireSSL property.


    Regards,
    Ivan Dimitrov
    the Telerik team
    Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items

    Reply

  • VIJAIANAND Intermediate avatar

    Posted on May 13, 2011 (permalink)

    It is actually sslRedirection not SSLRedirection and it worked.

    <cms sslRedirection="ToHttpsOnly">

    Thanks.

    Reply

  • VIJAIANAND Intermediate avatar

    Posted on May 13, 2011 (permalink)

    Is it possible to redirect to SSL regardless of RedirectSSL property?

    Reply

  • Ivan Dimitrov Ivan Dimitrov admin's avatar

    Posted on May 17, 2011 (permalink)

    Hello VIJAIANAND,

    It is possible with a custom class that inherits from CmsHttpModule. There is a virtual method ProcessSslRedirect that you can override and make explicit redirect

           private void RedirectToHttps()
            {
                HttpContext context = HttpContext.Current;
                context.Response.Redirect(context.Request.Url.AbsoluteUri.Replace("http://", "https://"), true);
            }

    Greetings,
    Ivan Dimitrov
    the Telerik team
    Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items

    Reply

  • Michael Waddell avatar

    Posted on Jul 1, 2011 (permalink)

    I learned some things reading this post, and came up with a workable, code-free configuration, as follows:

    My testing showed that without sslRedirection="ToHttpsOnly", page requests tend to redirect themselves to http:// protocol regardless of whether they were https:// or http:// locations to begin with.

    Adding the sslRedirection="ToHttpsOnly" prevents the page from automatically redirecting itself to http://, while still allowing an http:// request to be executed without a problem. This behavior occurs when the page properties are default (it does NOT have Require SSL set to Yes).

    To maintain login page forced security, and a "preference" behavior site-wide for https:// , I set login.aspx property Require SSL = Yes. Other pages are at the default (No). web.config edited for: <cms sslRedirection="ToHttpsOnly"...
    Now I get forced secure login, and default page requests defer to SSL. Works OK for me.
    Sitefinity 3.7 SP4

    Reply

  • Dmitry avatar

    Posted on Sep 7, 2011 (permalink)

    Hello Ivan,

    in my webconfig I have not a <cms> node. Where can i adjust the sslRedirection property?

    Reply

    • Register for webinar
Skip Navigation LinksHome / Developer Network / Forums / Sitefinity Older Versions (3.x): Deployment > SSL Issue