Guide to SSL.

Posted by Community Admin on 30-Jul-2012 00:00

Can anyone point me to documentation or a guide to SSL within SiteFinity?

We are trying to change the login page to require SSL but whenever we do we get an error message 'Missing configuration for the requesting relying party'.

I have searched in the documentation but I cannot find any help whatsoever!

Thanks in advance.

Mark

Posted by Community Admin on 05-Sep-2012 00:00

Sitefinity does not handle the HTTP to HTTPS jump very well. If you set all back end pages to RequireSSL (There's a small script you can run to do it) and hit yoursite.com/Sitefinity it should login correctly. But if you hit http://yoursite.com/Sitefinity, it will give you an error about a missing configuration.

Similarly, if you have a site where you want ONLY the admin side to be SSL, you are SOL for the same reason. Trying to edit any pages NOT marked RequireSSL from the HTTPS admin interface will fail with the same error.

Right now, I believe the only option is setting RequireSSL on EVERYTHING in order to do anything.

Posted by Community Admin on 18-Sep-2012 00:00

Michael,

Do you know how to set SSL on everything?
I'm having some problems. My site is to require SSL for every page, but I can only seem to be able to set it page at a time for front end pages, not for backend.

Posted by Community Admin on 18-Sep-2012 00:00

Byzza,

I ended up creating a small widget that will set front-end or back-end pages to Require SSL. I then published this widget to a NEW back-end page under the Administration menu. Below is an example of the code I wrote.

ForceSSL.ascx

01.

<%@ Control Language="C#" AutoEventWireup="true" CodeBehind="ForceSSL.ascx.cs" Inherits="My.Sitefinity.Widgets.ForceSSL" %>

02.

03.<asp:Panel ID="GrantedAccessPanel" runat="server">

04.

05. <h1 class="sfBreadCrumb" id="sfToMainContent">

06. Manage SSL Settings

07. <span class="sfBreadCrumbBack"></span>

08. </h1>

09.

10. <div class="sfMain sfClearfix">

11. <div class="sfContent">

12. <div>

13. <div class="sfAllToolsWrapper">

14.

15. </div>

16. <div class="sfWorkArea">

17.

18. <br /><br />

19.

20. <asp:DropDownList ID="SiteMapDropDownList" runat="server">

21. <asp:ListItem Text="Front-End Pages" Value="0"></asp:ListItem>

22. <asp:ListItem Text="Back-End Pages" Value="1"></asp:ListItem>

23. </asp:DropDownList>

24.

25. <br /><br />

26.

27. <asp:RadioButtonList ID="SSLSettings" runat="server">

28. <asp:ListItem Text="Turn SSL On" Value="On" Selected="True"></asp:ListItem>

29. <asp:ListItem Text="Turn SSL Off" Value="Off"></asp:ListItem>

30. </asp:RadioButtonList>

31.

32. <br />

33.

34. <asp:Button ID="SubmitButton" runat="server" Text="Save changes"

35. onclick="ApplyChangesButton_Click" />

36.

37. <br /><br />

38.

39. <asp:Literal ID="MessageLiteral" runat="server"></asp:Literal>

40. </div>

41. </div>

42. </div>

43. </div>

44.

45.</asp:Panel>

ForceSSL.ascx.cs

01.using System;

02.using Telerik.Sitefinity;

03.using Telerik.Sitefinity.Data;

04.

05.namespace My.Sitefinity.Widgets

06.

07. public partial class ForceSSL : System.Web.UI.UserControl

08.

09. /// <summary>

10. /// Apply Changes

11. /// </summary>

12. /// <param name="sender"></param>

13. /// <param name="e"></param>

14. protected void ApplyChangesButton_Click(object sender, EventArgs e)

15.

16. // Declare and Initialize Local Variables

17. var sslOn = SSLSettings.SelectedValue == "On";

18.

19. // Update Front End Pages

20. if (SiteMapDropDownList.SelectedValue == "0")

21.

22. var appfp = App.WorkWith().Pages();

23. var FrontendPages = appfp.LocatedIn(Telerik.Sitefinity.Fluent.Pages.PageLocation.Frontend).Get();

24.

25. // Loop through each page

26. foreach (var page in FrontendPages)

27.

28. if (page.Page != null)

29.

30. page.Page.RequireSsl = sslOn;

31.

32.

33.

34. // Update all the pages

35. TransactionManager.CommitTransaction(appfp.GetManager().TransactionName);

36.

37.

38. // Update Back End Pages

39. if (SiteMapDropDownList.SelectedValue == "1")

40.

41. var appbp = App.WorkWith().Pages();

42. var BackendPages = appbp.LocatedIn(Telerik.Sitefinity.Fluent.Pages.PageLocation.Backend).Get();

43.

44. // Loop through each page

45. foreach (var page in BackendPages)

46.

47. if (page.Page != null)

48.

49. page.Page.RequireSsl = sslOn;

50.

51.

52.

53. // Update all the pages

54. TransactionManager.CommitTransaction(appbp.GetManager().TransactionName);

55.

56.

57. // Display message to user

58. MessageLiteral.Text = "You have successfully set the " + ((SiteMapDropDownList.SelectedValue == "0") ? "Front-End Pages to " : "Back-End Pages to ") + ((sslOn) ? "require SSL." : "NOT require SSL.");

59.

60.

61.

Enjoy!

Posted by Community Admin on 18-Sep-2012 00:00

HI Craig,

That is great. thank you. I did managed to muddle my way through my changing directly in the DB yesterday, but I'm going to add in your widget so that I can change it on and off when on the test server and live.