Secure Sockets Layer module on Azure - Not Working

Topics: General, Troubleshooting
Jan 25, 2014 at 12:06 AM
Hi everybody - I've been struggling with this for a while, thought I'd cast out to you folks for help.

I have a 1.7.2 site using a custom module. I want the Admin and CERTAIN pages on the module protected by SSL - and none of the other Orchard site pages ('about us' and such). No problem.

Got a certificate, uploaded to Azure, configured. Working. Nice. Can access pages under SSL or regular old http.

I've configured the site to operate as http://www.mydomain.com and https://secure.mydomain.com. Both work as expected when the SSL module is off.

So - figured I'd use the "SecureSocketsLayer" module to cherry pick the pages to protect. Not happening unfortunately. My secure host name is "secure.mydomain.com" and my insecure host name is "www.mydomain.com".

I have "force SSL on all pages" OFF and "Enable SSL on specific pages" ON. I have asked for a single page to be protected (for now) - I am expecting the site runs under http until I hit my test page, then switches to https, then back to http when I browse away.

When I browse to the home page I'm running as https with the 'secure' host. No good. When I force http (insecure host) I get a blank white screen. Return to admin, log out, white screen. Clear cookies, open new browser window, white screen. Orchard dead. :-(

The certs are fine, they work as expected without the SSL module. I'd like to use the module because I don't know how I could jump the site out of SSL mode without it (particularly when the user browses outside of my module).

Am I doing something wrong? Any other options?

Thanks

Kurt
Jan 25, 2014 at 12:53 AM
I am using it on Azure VMs, in same conf as you, no special problems.
I have added a piece of code because I was getting exceptions, see here
https://orchard.codeplex.com/workitem/20230
Jan 28, 2014 at 6:39 PM
Thanks for the tip! I tried to do this, but ran into other issues with the module ... I gave up and wrote my own filter in the end :-(

Kurt



From: "CSADNT" <[email removed]>
Sent: Friday, January 24, 2014 4:56 PM
To: [email removed]
Subject: Re: Secure Sockets Layer module on Azure - Not Working [orchard:525293]


From: CSADNT

I am using it on Azure VMs, in same conf as you, no special problems.
I have added a piece of code because I was getting exceptions, see here
https://orchard.codeplex.com/workitem/20230
Coordinator
Feb 19, 2014 at 5:20 AM
On the first part of your experiment, this is normal: if you are authenticated, you will be under https, that is by design. The white screen on log out is not normal however. Does www.mysite.com work normally with http when the module is not active? Would you mind filing a bug with the detailed repro steps?
Sep 19, 2014 at 4:43 PM
Edited Sep 19, 2014 at 4:48 PM
"On the first part of your experiment, this is normal: if you are authenticated, you will be under https, that is by design."

To piggie back on this existing thread. I just was able to get SSL working in the dashboard, thanks for building that into Orchard! The concern I have is that my content producers will start inadvertently sharing links to our site with HTTPS - which won't work for the public. Is it possible for all the links from the dashboard (Preview, View and the Top-Left logo) to go to HTTP versions and for those pages to not by default redirect to HTTPS when my producers are logged in?

Edit to ask. Is the preferred method there for to use a separate host for the dashboard? Secure.Domain.Com for example? I think I just answered my own question. If some can confirm that I'd appreciate it.

Thanks!
Toby
Coordinator
Sep 19, 2014 at 6:05 PM
HTTPS links would work, even if you are not authenticated. SO if they forget to remove https, providing you REALLY want to remove it, then it would not be an issue.
Coordinator
Sep 19, 2014 at 6:05 PM
RIght now there is even a trend to redirect anonymous traffic to HTTPS, even google gives a better PageRank if you are in https.
Sep 19, 2014 at 6:53 PM
Very helpful reply, thank you Sebastien!