Enable SSL for Sitefinity Admin on 4.01

Posted by Community Admin on 05-Aug-2018 00:23

Enable SSL for Sitefinity Admin on 4.01

Sitefinity - On Premise – Configurations & Setup

All Replies

Posted by Community Admin on 11-Mar-2011 00:00

Hello,

I've reviewed several other posts which I thought relate to this, but none of the solutions seem to work for me.

I am trying to enable SSL for the Sitefinity admin on our 4.01 installation.  I understand how to do that in IIS, and how to do this for individual pages created through Sitefinity.  I can't seem to find a working solution to enable the admin area for SSL.  It does not have to automatically redirect to SSL, although that would be great if it could.

Can anyone provide some guidance to me on how to achieve this?

Thanks

Posted by Community Admin on 11-Mar-2011 00:00

Hi Curt,

You should see the SSL from IIS over Sitefinity directory of the web application.

Best wishes,
Ivan Dimitrov
the Telerik team

Vote for the 7 Telerik products at the 2011 Great Indian Developer Awards!

Posted by Community Admin on 11-Mar-2011 00:00

Hi Ivan,

Thanks for the quick response.

Actually, I did try setting the "require SSL" attribute in IIS 7 for the "Sitefinity" folder.  This did present me with a login to the Sitefinity admin area using the "mydomain.com/sitefinity" address.  But, once user credentials are entered and submitted, the browser seems to be forced back to "mydomain.com/sitefinity" on the following page and fails.  

This also has a side effect that seems to prevent the rest of the site from getting our CSS document located in \website_root\App_Data\Sitefinity\WebsiteTemplates\project_name\App_Themes\project_name\Global\main.css .

This made me think there may be some other explicit setting we need to make in order to prtect the Admin area with SSL, while allowing the rest of the site access to the CSS document.

Is there some other setting that explicitly calls the "http" version of the site for admin?  We are using Windows 2008, 64-bit with IIS 7.

Thanks for your help. 

Posted by Community Admin on 18-Mar-2011 00:00

Hello Curt,

The problem is actually a bug in sitefinity that forces http after login. Bug is loged #110815. So currently you can secure only your credentials during log in process.
 
All the best,
the Telerik team

Vote for the 7 Telerik products at the 2011 Great Indian Developer Awards!

Posted by Community Admin on 22-Mar-2011 00:00

Hey Curt,

Sorry for the troubles related to this bug.  I was poking around internally and I see this bug mentioned in the Q1 planning.  This release is just a couple weeks away (first week of April).  Hopefully we'll have a fix soon.

Thanks for bringing this to our attention.

Gabe Sumner
Telerik | Sitefinity CMS

Posted by Community Admin on 30-May-2011 00:00

Sorry for the multiple postings..  but does anyone have an update on this?
I desperately need to be able to get the entire sitefinity backend (and all associated service calls) to be SSL secured. 
I'm running SF 4.1 SP1.


Posted by Community Admin on 31-May-2011 00:00

Hi Ian,

Here's a quick workaround - you can just provide the ceritficate in IIS and then you have to go and set SSL to each page individually (same goes for backend pages) by going to ~/Sitefinity/Pages and then click on Actions-> Edit Title and Properties and then form Advanced options tick the Require SSL checkbox.Please take a look at the attached screenshot for more information.


All the best,
Boyan Barnev
the Telerik team

Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items

Posted by Community Admin on 29-Jul-2011 00:00

Hi We encounter the same problem running Sitefinity 4.1.1395.0

Boyan, the workaround you describe is only possible on pages added in the CMS, but not on the /Sitefinity admin pages or am I missing something?

Cheers,

Bert van Nes
Risa IT

Posted by Community Admin on 29-Jul-2011 00:00

Hello Bert,

Actually backend pages are just like normal pages only their parent node is not Pages but Backend, besides that there are no notable differences in the ir functionality, and as such the same  require SSL property can be enabled. Actually you can use the pages API to get all pages (if you omit the filter for .LocatedIn(PageLocation.Frontend) the code will automatically get all pages including backend pages), and programatically set the RequireSSL property to "true" instead of going an manually ticking it on each page.

All the best,
Boyan Barnev
the Telerik team

Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items

Posted by Community Admin on 29-Jul-2011 00:00

Hi Boyan,

Thanks, I've found the backend pages in the Administration section :)

As a faster workaround I looked up the database table [sf_page_data] and set  the value in column [require_ssl] for each record to 1.

Cheers,
Bert van Nes
Risa IT

This thread is closed