After reading ALOT of documentation and forums posts, I am still confused regarding SSL certificate installation. Can anyone help???
Info: I host my site at Winhost.com. The Server name=Site0.com and the Portal0=Site0.com Portal1=Site1.com Portal2=Site2.com
Now that the standard is to have every site and every page employ SSL, I have several questions: 1. Do I need to purchase and install a certificate for each portal? Where do I install each certificate? 2. Winhost has a spot to install a certificate at the server level (Site0.com), but the certificate is for Site0.com not for other domains. So if I install the Site0 certificate on the Site0 server, will the other portals have SSL or not? If not, how and where do I install Site1 certificate? 3. To solve all of the SSL issues with a multi-domain DNN installation, should I just purchase and install one multi domain SSL certificate? What if I add a domain to the DNN installation in the future, will the SSL certificate not work for that portal?
As you can tell, I'm confused. Many thanks in advance for advice.
Hello and welcome!
The reason it's been so difficult to find out how to configure DNN with SSL is because it's mostly a set-it-and-forget-it kind of thing. If you're installing DNN for the first time,just make sure IIS is properly configured with the SSL certificate, and there's nothing else you need to do. DNN will figure out the rest.
If DNN is already up and running without an SSL cert in IIS, you're going to need to perform the hosting providers instructions on how to procure and install the SSL certificate. After it's done, then you can tell DNN to only respond to SSL requests. This is done using in the persona bar.
Security
More
SSL Settings
On
Now, you'll also want to set all pages to only respond to SSL requests too. Run the query below using the Sql Console in the persona bar to do that.
UPDATE {databaseOwmer}[{objectQualifier}Tabs] SET [IsSecure] = 1;
Finally, in IIS or DNN, you'll want to restart the application (website).
Note: Do not start this process until you're 100% certain the SSL certificate is installed correctly and ready to use.
That's it! 😎
A certificate has the capability to encompass multiple names or subject alternate names. For instance, securing both "dnncommunity.org" and "mail.dnncommunity.org" with a valid certificate can be achieved by incorporating both host names into a single certificate. Alternatively, a wildcard certificate such as "*.dnncommunity.org" can be employed to cover various subdomains. Furthermore, it is possible to include an entirely distinct Fully Qualified Domain Name (FQDN), like "dnnisthebestsolutionever.com," within the same certificate.
Your host propably uses Lets Encrypt so getting those certificates should be easy but ask them. Do you have access to IIS?
Nowadays I don't see great reasons to pay for an SSL certificate. Mariette mentioned LetsEncrypt (FD I use their certificates). It's a great solution. It has no monetary cost. The renewal process is automatic. So unless there is a reason that you cannot use it. (Your hosting provide maybe won't support it.) What's not to like?
If your hosting provider won't support it, I would put that as a black mark against them - unless they have a decent alternative offering.
Posted By RichardHowells on 1/25/2024 9:19 PM Nowadays I don't see great reasons to pay for an SSL certificate.
Nowadays I don't see great reasons to pay for an SSL certificate.
Richard, you are right. And to give that sentence some arguments, I recommend reading Troy Hunt: Extended Validation Certificates are Dead. And the times where EVCs caused a green Url line in the browser are gone long time ago...
Happy DNNing! Michael
Michael TobischDNN★MVP
Thanks for mentioning that Daniel. I only recently just discovered those changes and they are really great.
Cool feature to note: switch to Advanced and you also get a button to set all pages to IsSecure! So no more SQL Console scripts.
Once you are sure the SSL is in place and working, in DNN, simply set the Settings/Security/More, SSL SETTINGS dropdown to "On," then Save. And you are all set. So nice, so modern!
- Accuraty/Jeremy
These Forums are dedicated to the discussion of DNN Platform.
For the benefit of the community and to protect the integrity of the ecosystem, please observe the following posting guidelines:
Awesome! Simply post in the forums using the link below and we'll get you started.