Challenge Email Issues

Topics: Core, Customizing Orchard, General, Troubleshooting
Jun 20, 2012 at 12:05 PM
Edited Jun 20, 2012 at 12:08 PM

When I enable the Users must verify their email address in the Users settings and when a new account is registring on my site, the new user is redirected to the a the page  which says ...

Challenge Email Sent

An email has been sent to you. Please click on the link it contains in order to have access on this site.

... and an email is successfully sent to the new user's email address ... however when the user attempts to validate their new account by clicking on the embedded link within the challenge response email that was sent to them it seems to fail taking the user to this page ...

Challenge Email

Your email address could not be validated.

Is there some machine key that I need to install in Web config to get this to work properly?


Jun 20, 2012 at 7:08 PM

i have not this issue.

u may try machine key( i used)

Jun 20, 2012 at 7:16 PM

I am not 100% sure what you are saying... but it may be that you are saying that you had this issue and resolved this with a machine key.  Is that correct?

Jun 20, 2012 at 7:32 PM

I just tried to a refreshed version of  machine keys and still I get the same error when clicking on the link issued in the email ...

Challenge Email

Your email address could not be validated.

However I noticed that the email link had the page as https://....


When I paste the link in a browser and remove change it to http://... instead of https://... it works fine.

I do have a valid cert installed and SSL is setup on this site.  Any ideas as to what is wrong and how I can either have the email issued with a http://.. instead of the https://..

or is there something else I still need to configure?

Also the challenge email has my site link at the top of the email but it has included a period in the link which makes it invalid.

Jun 20, 2012 at 7:50 PM
Edited Jun 20, 2012 at 7:52 PM

Problem resolved!

Changed  Enable SSL on all administration pages  == True

Changed Enable SSL on specific pages == True

and added the following to the requires SSL  list ...  https://{MySite}/Users/Account/ChallengeEmail

Al had already inserted a machine key prior to all of this not working so unless you have not done so, make sure you do add a machine key to your local root web config.

Also Enable SSL on authentication pages was already set == True.



Jun 20, 2012 at 7:58 PM

Whoops spoke to soon ...

Just tried another account and its failing like before.

What can I do to resolve this issue?

Jun 20, 2012 at 9:22 PM
jkears wrote:

I am not 100% sure what you are saying... but it may be that you are saying that you had this issue and resolved this with a machine key.  Is that correct?


i never have had

Jun 20, 2012 at 9:26 PM

i guess it is SSL, because my site did not use it and ok

Jun 20, 2012 at 11:52 PM

I have exactly the same installation with SSL on authentication pages and works fine with these settings:

Base Url without https

Enable SSL on authentication pages  == True

That should send the e-mail with a link of the http version of your site, for users to verify their e-mail address. Since that post has no unecrypted sensitive data you should have no problem.

Is there any specific reason you want to keep other pages under SSL ?

Jun 21, 2012 at 12:09 AM


Ironically this is how I had it originally setup but it still emailed the validation link with HTTPS.

For some reason the link in the Email always starts with https://... even though the base URL within General settings is set to http://....  and

Enable SSL on authentication pages  == True only set on.

I assume that there isn't another base URL that I need to set is there? 

Jun 21, 2012 at 1:58 PM
Edited Jun 21, 2012 at 2:03 PM

Follows some source from the SendChallengeEmail/Admin controller. It looks to me like it uses the Route /Users/Account/ChallengeEmail and adds the BaseUrl in front.

var siteUrl = Services.WorkContext.CurrentSite.As<SiteSettings2Part>().BaseUrl;
_userService.SendChallengeEmail(user.As<UserPart>(), nonce => Url.MakeAbsolute(Url.Action("ChallengeEmail", "Account", new { Area = "Orchard.Users", nonce = nonce }), siteUrl));

The only reason for Url.MakeAbsolute to use a protocol different than the one specified in BaseUrl is to find BaseUrl equal to null
            if(String.IsNullOrEmpty(baseUrl)) {
                baseUrl = urlHelper.RequestContext.HttpContext.Request.ToApplicationRootUrlString();

As far as I can see it definetely uses the BaseUrl. But reminds me of a bug at version 1.3.0. What is the version you use?