SSL and Tenants

Topics: Administration, Core, General, Troubleshooting
Sep 10, 2014 at 4:57 PM
Just trying to see if it is possible to use the SSL functionality within a Tenant? The SSL settings are after using a different sub domain, but then I'm thinking this would not route you to the correct tenant? Has anyone tried this?
Developer
Sep 10, 2014 at 7:26 PM
It should work without issues, yes.
Sep 10, 2014 at 10:25 PM
Edited Sep 10, 2014 at 10:27 PM
Just tested this and it doesn't seem to work for me. Here are the repo steps, is there anything I am missing? I can't see how orchard will know to load the correct tenant as it will have a different host name to the one in the settings.

Repo:
  1. Add 3 websites to your hostfile; dev.host.local, dev.tenant.local, secure.tenant.local
  2. Add the 3 above bindings to IIS, set secure.tenant.local to https port 443 with a self signed cert
  3. Navigate to dev.host.local and setup a new orchard instance
  4. Enable Multi tenancy module and create a new tenant with the host address of dev.tenant.local
  5. Navigate to dev.tenant.local and setup a new orchard instance
  6. Enable Secure Sockets module and enable ssl, set the Secure Host Name to secure.tenant.local and the Insecure Host Name to dev.tenant.local
  7. Once you save the settings you will be redirected to secure.tenant.local/Admin/Settings/Ssl
Expected result - The page loads under https.
Actual result - The page does not load.
Developer
Sep 11, 2014 at 9:10 PM
What is the specific symptom or error you see? Are you sure the request reaches the app?
Sep 15, 2014 at 12:31 PM
Sorry I should have been more specific, requests to _secure.tenant.local _are handled by the default host, dev.host.local. This is not the expected behaviour but I can see why it happens. IIS is routing it to the Orchard site because of the binding, Orchard does not have a tenant setup with an address of secure.tenant.local, so it loads the default host content.

Perhaps we need to allow multiple host addresses for tenants?
Developer
Sep 15, 2014 at 3:51 PM
Then this is it.

Multiple hosts per tenant are allowed, you just have to separate them with commas when adding them to RequestUrlHost (or Host on the tenant edit page). Make sure not to add spaces too (there is a corresponding issue to allow spaces between hosts, but now it won't work).
Sep 15, 2014 at 4:10 PM
Cool, secret feature ;) I didn't know that, I will check that out, that should fix it.

Cheers for your help.