Cannot edit pages if RequireSSL is set to true - Bugs & Issues - Bugs & Issues - Progress Community

Cannot edit pages if RequireSSL is set to true

 Bugs & Issues

Cannot edit pages if RequireSSL is set to true

  • Cannot edit pages if RequireSSL is set to true
  • Hello,

    We are running SF version 4.3.1885.0.
    We have recently turned on RequireSSL for all pages in our site - including all back-end pages. We are using self-signed certs on our dev environments. We do *not* have require ssl set to true in the IIS configuration.

    We are getting strange behavior, and some errors when trying to edit our front-end pages via the SF admin screens. With SSL enabled for all pages, we are unable to publish. When we try, we receive the following dialog box message:

    "The HTTP request was forbidden with client authentication scheme 'Anonymous'."

    If we set RequireSSL to "false" for the *back-end* pages, we are able to publish, but see other issues. For example, when dropping in a content block, we are not seeing the initial Edit Content icon. In addition, if we edit the contents of the block and save the changes, the changes are not reflected in the administrative Edit page view. We can preview the page and see the changes, and publishing the page and returning to edit mode will show the changes.

    We need to have SSL enabled for all of our pages, so turning off SSL is not an option for us. 

    Is there some other configuration setting necessary to properly enable SSL in Sitefinity? 

    Regards,
    John G.
  • Hello,

    Basically there is no other setting that you need to apply in order to run the Pages in SSL encryption. However in your post you mentioned that you didn't set the "Require SSL" setting in the IIS. Is there any specific reason for that?

    Greetings,
    Veronica Milcheva
    the Telerik team
    Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items
  • Hi Veronica,

    There is no need to set the Require SSL in IIS - it only serves to block access if HTTPS isn't used. However, we have tried with this setting on as well - with the same results.

    Is this an issue because we are using a self-signed cert? This is troubling since we won't be able to purchase a signed cert for testing, so we can't verify if the issue will go away in production.

    This seems to clearly be a bug - SF page administration behaves differently when the RequireSSL is set to true for a front-end page, which would be a pretty common scenario.

    Thanks for any help,
    John G

  • Hello,

    Thank you for the information provided.

    After further investigation I found that this is actually a Known Issue in Sitefinity. After pressing the "Publish" of the page you cannot be redirected in the backend. However the page is published and you can access it by the url. Here's the PITS Issue Url so that you can track its status.

    Please accept my apologies for the caused inconvenience.

    All the best,
    Veronica Milcheva
    the Telerik team
    Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items
  • Hi John,
    Did you mange to find a fix for this? We're struck with the same issue. After aplying SSL, we cannot edit the content and cannot delete any pages. Please let me know if you have a solution for this?
    Thanks
    Gopal
  • Hi GV,

    No answer. All the help we got is in this thread. I left a question on the linked PITS issue, and it's the only comment in there.

    This sure seems like a significant issue to us. Protection for the admin section should be a priority.

    Regards,
    John
  • Hi guys,

    If your Frontend behavior is normal with SSL enabled, workaround for the Backend issues is disabling SSL (form the page->Actions->Title and properties->Require SSL checkbox)->Clearing the browser cache-> Editing the page, publishing etc(you will be able to edit the page when SSL is off)->Enabling SSL again. I know it is a bit of a hassle but it is an option while the issue is being worked on.

    I apologize for the inconvenience caused.

     

    Kind regards,
    Atanas Valchev
    the Telerik team
    Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items
  • Hi,
    Sitefinity > Administration > Settings > Advanced > ServicesPaths : set your url site without https.
    It's unlock publishing workflow for full https site.

    Regards,
    Nicolas
  • Hi Nicolas,

    Thanks for the information.

    We looked into that suggested work-around before, but it's not so straight-forward for sites that must be deployed to multiple environments (like ours) without jumping through extra hoops to make sure that value is configured correctly in each different environment. For this reason, we have not yet tried this work-around.

    We did notice that there are several commented-out sections in the web.config file with notes similar to this:
    <!-- note: To enable https/SSL support for the Analytics module, uncomment this endpoint -->
    It's curious that these are explicitly provided for the Analytics module, but not for any other modules or services.

    Regards,
    John G
  • Hi,
    I ve a full https site and we don't use Analytics. So we didn't uncomment and it has no impact.
    It's probably needed because this is a part of google webApp and requests are differents
    according to the protocol.

    Regards,
    Nicolas
  • Hi all,

    I'm running into the same refresh problem John mention when having a complete SSL secured site (both front and back ends) . Our users will have to hit preview all the time in order to see the changes on the pages.  Weird thing is that this do not happen when designing templates.  I realized that the update of the content fails for a service call that looks like this:

    ControlPropertyService.svc/batch/4f0658d7-f387-4718-b8ad-3f4f475f3511/?pageId=5a809ee7-34b5-4519-ab62-f1919b8459bc&mediaType=Page&checkLiveVersion=False&upgradePageVersion=False&propertyLocalization=0&isOpenedByBrowseAndEdit=false

    with the following error message:
    "Detail":"Guid should contain 32 digits with 4 dashes (xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx)."
    
    As Nicolas suggest, I tried to change the ServicePath property on Administration > Settings > Advance > System > ServicesPaths and set the WorkflowBaseUrl property to my root on http without success.
    
    As soon I disable "Required SSL" checkbox, my page start working fine again.  
    
    Does anyone has any suggestion that may help overcome this problem?
    
    Thanks
    
    
  • Hi,
    I set required ssl only on Sitefinity folder not on all web site.

    Regards,
    Nicolas
  • Nicolas: Do you have any App_Data folders, such as themes? I heard that they are mapped under "Sitefinity". If so, wouldn't setting SSL to all of "Sitefinity" affect the front end site?

    I wish there was a simple way to enable or disable SSL for various pages.
  • Hi,
    I made a bad explanation there are two folders Sitefinity and it can be confused.
    Sitefinity folder are on root (it contains Services), this is not the one under App_Data.

    Regards,
    Nicolas