DNN Forums

Ask questions about your website to get help learning DNN and help resolve issues.

All link on http site point to https addresses

Sort:
You are not authorized to post a reply.





New Around Here





    I recently upgraded from 9.* to 9.9.1 and now all the links in the only two sites that not yet use an SLL certificate point to https addresses.

    So I can still navigate to http://www.example.com but inside of it all links point to https://www.example.com - thus issuing a browser certificate warning making it almost impossible to use the sites.

    I am not convinced that updating to 9.9.1 has caused the issue. I recently installed SSL certificates for two of my other sites on that server. These sites work fine before and after the upgrade. I started the upgrade wizard on one of those secure sites and maybe that made a difference?

    I checked and tested all SSL settings on page and site level (enabling SSL on / off, enforcing on / off, secure connection on /off) but that does not seem to make difference, currently all SSL related settings are turned off.

    I know I should just add certificates for the remaining sites but I can not change the DNS settings for these sites so easily. So if someone knew a workaround I would be most thankful.






    Veteran Member





      if you disable "use SSL" on site level, DNN should use http for all pages and system links (absolute link you added in content will not be affected). You might need to restart DNN after modifying the settings.





      New Around Here





        I made sure that SSLEnabled and SSLEnforced in table PortalSettings are both 'False' for all portals and restarted. (BTW: when I set both to 'True' for a portal that uses a proper certificate, I get ERR_TOO_MANY_REDIRECTS and that is that.)

        After the restart, the links in the non-SSL sites still point to https. I am talking about menu links and other DNN generated links.

        I am not sure if there are any other settings in DNN that are relevant in that respect.






        Veteran Member





          When you say that the links point to https, is this in the page source and/or is it in the database?

          Is there possibly some redirect happening? You might use Fiddler to help figure that out.
          Joe Craig
          DNN MVP
          Patapsco Research Group





          New Around Here





            Thank you, Craig. I checked with Fiddler, there is no redirect happening as far as I understand the output. I tried with https://www.poehlerthomas.de and I typically see a lot of "Tunnel to" entries with "CONNECT http://www.poehlerthomas.de:443
            200 Connection Established ()". I tried with cache on and off, I haven't used Fiddler for a while and the result is inconclusive to me.

            On the top of https://www.poehlerthomas.de is a DNN menu, and I would expect the menu entries to point to HTTP addresses. Instead, for example the "Aktuell" link points to https://www.poehlerthomas...guage/de-DE/Aktuell. There is also an "Impressum" link, which is generated via DotNetNuke.Common.Globals.NavigateURL, and that method also generates an HTTPS link.

            I am sure this is new behaviour, but I am not sure if upgrading to 9.9.1 or other stuff that I changed to add Let's Encrypt to other portals is the reason for the https links. For example I added a certificate for www.aivest.com. Everything works fine there - https links of course.

            So ssl is disabled for all my sites in DNN, but all sites generate https links.






            Veteran Member





              Most likely, Azure enforces https (but due to a missing certificate, the browser issues an error) and all local links are formed using the same protocol and domain address.
              You either need to make sure on IIS level to use always http or install an appropriate SSL certificate for this domain (preferable), which shouldn't be expensive ;)





              New Around Here





                I was thinking the same thing but "






                Veteran Member





                  the issue must be IIS domain binding - which supports HTTPS, but uses a azure certificate instead of a custom one. If you can't use a free certificate I'd consider buying a cheap SSL one, e.g. from sslpoint.com

                  You are not authorized to post a reply.

                  These Forums are dedicated to the discussion of DNN Platform.

                  For the benefit of the community and to protect the integrity of the ecosystem, please observe the following posting guidelines:

                  1. If you have (suspected) security issues, please DO NOT post them in the forums but instead follow the official DNN security policy
                  2. No Advertising. This includes the promotion of commercial and non-commercial products or services which are not directly related to DNN.
                  3. No vendor trolling / poaching. If someone posts about a vendor issue, allow the vendor or other customers to respond. Any post that looks like trolling / poaching will be removed.
                  4. Discussion or promotion of DNN Platform product releases under a different brand name are strictly prohibited.
                  5. No Flaming or Trolling.
                  6. No Profanity, Racism, or Prejudice.
                  7. Site Moderators have the final word on approving / removing a thread or post or comment.
                  8. English language posting only, please.

                  Would you like to help us?

                  Awesome! Simply post in the forums using the link below and we'll get you started.

                  Get Involved