Redirected you too many times, if enable SSL on a page.

Did you try this in a private browser?
Sometimes the browser caches the redirect and you end up in an endless loop.
Also using a redirect ruile in web.config is much more efficient than using the options in DNN.

https://aboutssl.org/iis-redirection-http-to-https/

If you're behind a WAF (such as CloudFlare), you may need to adjust the SSL setting on your WAF, or install an SSL certificate in your hosting environment.  If the SSL isn't working completely, end-to-end, this will also cause this issue.  

Hi,

We have SSL certificate on our site and all the requests are https. But we see that the customlink, userlinks that DNN generates (when we use tabid in navigateURL) are http.
Is there a way to make these links https?

We are looking at enabling https on our DNN 9.11.0 site. As soon as we make all pages Issecure=1 and chagne the portalsetting SSLEnabled to true , the site doesnt come up.

Please let us know the steps for changing all links to https in the website.

Thank you for all your help.

Posted By Das on 5/23/2023 2:16 PM

Hi,

[...] userlinks that DNN generates (when we use tabid in navigateURL) are http.
Is there a way to make these links https?

You can do that in the IIS configuration, i.e. in web.config.

First install the Url Rewriter module in IIS, and then add this rule to your web.config file:

[rewrite]
   [rules]
      [rule name="HTTP to HTTPS redirect" stopProcessing="true"]
         [match url="(.*)" /]
         [conditions]
            [add input="{HTTPS}" pattern="off" ignoreCase="true" /]
         [/conditions]
         [action type="Redirect" url="https://{HTTP_HOST}/{R:1}" redirectType="Permanent" /]
      [/rule]
   [/rules]
[/rewrite]


(Replace [ and ] by < and >)

Happy DNNing!
Michael

 

Thank you for the response.

We already have the redirect at the LB level. We do render all the links as https.
We need the links to be https on the page source as well.

How to make these links (link that is created when we use tabid) use absolute URL?

Thanks

I don't know of a possibility to change this behaviour (maybe there is one, but I am not aware of it).

You could use a CSP (upgrade-insecure-requests) to upgrade the http-request. Also implementing HSTS could be a good idea.

Happy DNNing!
Michael

Posted By Das on 5/23/2023 5:16 AM

Hi,

We have SSL certificate on our site and all the requests are https. But we see that the customlink, userlinks that DNN generates (when we use tabid in navigateURL) are http.
Is there a way to make these links https?

We are looking at enabling https on our DNN 9.11.0 site. As soon as we make all pages Issecure=1 and chagne the portalsetting SSLEnabled to true , the site doesnt come up.

Please let us know the steps for changing all links to https in the website.

Thank you for all your help.

If DNN is generating non-secure URLs for you, it's likely that either DNN isn't set to enforce SSL in the security settings, and/or there is a custom API integration that is manually generating the URLs in question.  (That is, unless there's a new bug that got introduced recently.)