I recently upgraded from 9.* to 9.9.1 and now all the links in the only two sites that not yet use an SLL certificate point to https addresses.
So I can still navigate to http://www.example.com but inside of it all links point to https://www.example.com - thus issuing a browser certificate warning making it almost impossible to use the sites.
I am not convinced that updating to 9.9.1 has caused the issue. I recently installed SSL certificates for two of my other sites on that server. These sites work fine before and after the upgrade. I started the upgrade wizard on one of those secure sites and maybe that made a difference?
I checked and tested all SSL settings on page and site level (enabling SSL on / off, enforcing on / off, secure connection on /off) but that does not seem to make difference, currently all SSL related settings are turned off.
I know I should just add certificates for the remaining sites but I can not change the DNS settings for these sites so easily. So if someone knew a workaround I would be most thankful.
I made sure that SSLEnabled and SSLEnforced in table PortalSettings are both 'False' for all portals and restarted. (BTW: when I set both to 'True' for a portal that uses a proper certificate, I get ERR_TOO_MANY_REDIRECTS and that is that.)
After the restart, the links in the non-SSL sites still point to https. I am talking about menu links and other DNN generated links.
I am not sure if there are any other settings in DNN that are relevant in that respect.
Thank you, Craig. I checked with Fiddler, there is no redirect happening as far as I understand the output. I tried with https://www.poehlerthomas.de and I typically see a lot of "Tunnel to" entries with "CONNECT http://www.poehlerthomas.de:443 200 Connection Established ()". I tried with cache on and off, I haven't used Fiddler for a while and the result is inconclusive to me.
On the top of https://www.poehlerthomas.de is a DNN menu, and I would expect the menu entries to point to HTTP addresses. Instead, for example the "Aktuell" link points to https://www.poehlerthomas...guage/de-DE/Aktuell. There is also an "Impressum" link, which is generated via DotNetNuke.Common.Globals.NavigateURL, and that method also generates an HTTPS link.
I am sure this is new behaviour, but I am not sure if upgrading to 9.9.1 or other stuff that I changed to add Let's Encrypt to other portals is the reason for the https links. For example I added a certificate for www.aivest.com. Everything works fine there - https links of course.
So ssl is disabled for all my sites in DNN, but all sites generate https links.
I was thinking the same thing but "HTTPS Only" is deactivated in Azure App Services. Maybe there is something else trying to force https, but I wouldn't know what.
You are certainly right in that the better solution is to assign certificates for the remaining domains. The ACME bot that I am using now (https://github.com/shibayan/keyvault-acmebot) requires access to the DNS server, so for my domains I am using Azure DNS now. But I cannot change the nameservers of the remaining sites right now, which is why I kept trying to use http for those sites. But I found out that the security warning is only appearing once per site, so for a temp situation it's not that bad.
the issue must be IIS domain binding - which supports HTTPS, but uses a azure certificate instead of a custom one. If you can't use a free certificate I'd consider buying a cheap SSL one, e.g. from sslpoint.com
These Forums are dedicated to the discussion of DNN Platform.
For the benefit of the community and to protect the integrity of the ecosystem, please observe the following posting guidelines:
Awesome! Simply post in the forums using the link below and we'll get you started.