Hello and welcome!  

The reason it's been so difficult to find out how to configure DNN with SSL is because it's mostly a set-it-and-forget-it kind of thing.  If you're installing DNN for the first time,just make sure IIS is properly configured with the SSL certificate, and there's nothing else you need to do.  DNN will figure out the rest.  

If DNN is already up and running without an SSL cert in IIS, you're going to need to perform the hosting providers instructions on how to procure and install the SSL certificate.  After it's done, then you can tell DNN to only respond to SSL requests.  This is done using in the persona bar. 

1. Go to the Settings section (gear icon). 
2. Choose Security.  
3. Choose More. 
4. Choose SSL Settings.  
5. Choose On and save your change.  

Now, you'll also want to set all pages to only respond to SSL requests too.  Run the query below using the Sql Console in the persona bar to do that.  

UPDATE {databaseOwmer}[{objectQualifier}Tabs] SET [IsSecure] = 1;

Finally, in IIS or DNN, you'll want to restart the application (website).  

Note:  Do not start this process until you're 100% certain the SSL certificate is installed correctly and ready to use.  

That's it!  😎

 

A certificate has the capability to encompass multiple names or subject alternate names. For instance, securing both "dnncommunity.org" and "mail.dnncommunity.org" with a valid certificate can be achieved by incorporating both host names into a single certificate. Alternatively, a wildcard certificate such as "*.dnncommunity.org" can be employed to cover various subdomains. Furthermore, it is possible to include an entirely distinct Fully Qualified Domain Name (FQDN), like "dnnisthebestsolutionever.com," within the same certificate.

Your host propably uses Lets Encrypt so getting those certificates should be easy but ask them. Do you have access to IIS?

Thank you Will. I will do those tasks first and report back.

And thank you Mariette, that helps a lot. After getting the CSR from Winhost, I bought an SSL cert on namecheap.com for Site0.com. Super cheap for 5 years. But before I install it on the Site0.com server, it dawned on me that it might not work for Site1.com. I'm going to follow the items from Will Strohl and see if the SSL works for Site1.com too.

My best wishes to you both!

Nowadays I don't see great reasons to pay for an SSL certificate.

Mariette mentioned LetsEncrypt (FD I use their certificates). It's a great solution. It has no monetary cost. The renewal process is automatic. So unless there is a reason that you cannot use it. (Your hosting provide maybe won't support it.) What's not to like?

If your hosting provider won't support it, I would put that as a black mark against them - unless they have a decent alternative offering.

Yes, I use Lets Encrypt everywhere.

Posted By RichardHowells on 1/25/2024 9:19 PM

Nowadays I don't see great reasons to pay for an SSL certificate.
 

Richard, you are right. And to give that sentence some arguments, I recommend reading Troy Hunt: Extended Validation Certificates are Dead. And the times where EVCs caused a green Url line in the browser are gone long time ago...

Happy DNNing!
Michael

If you are using Cloudflare, you get a free SSL certificate for each domain through their dashboard. The thing people often get tripped up on here is the difference between encryption from the client's browser to Cloudflare, versus from Cloudflare to the web server. You'll want both to have end-to-end encryption. Again, this is free when you use Cloudflare (which also brings many other wonderful benefits.

If you are on a recent version, you may not need the sql scripts anymore. In Security -> More -> SSL Settings

We now have Off, On or Advanced. On basically makes it for all pages. Advanced would give the old behavior where it could be different per page.

Thanks for mentioning that Daniel. I only recently just discovered those changes and they are really great.

Cool feature to note: switch to Advanced and you also get a button to set all pages to IsSecure! So no more SQL Console scripts.

Once you are sure the SSL is in place and working, in DNN, simply set the Settings/Security/More, SSL SETTINGS dropdown to "On," then Save. And you are all set. So nice, so modern!