Knowledgebase : SSL Certificates

Starting with DotNetNuke 4.5.4 a new feature was added that would allow SSL support for specific pages. When adding/editing pages within your DNN 4.5.4 (and later) website you will now notice one additional “Secure” setting under the:

  1. Advanced
  2. Other settings
  3. Check "Enable SSL
  4. Update the current page
This individual setting enforces the SSL requirement for a page. If a page has this option selected it will be transmitted via SSL.

Let's Encrypt is free and you can install it from client area. It does not require dedicated IP address for the website. The certificate is valid for 90 days. It will be automatically renewed 30 days in advance before its expiration.

Please follow the instructions below to install it on the domain.

  1. Select the subscription from the client area.
  2. Click on Let's Encrypt option and fill in the following details. Email address: support@dnn4less.com Select what else can be secured: select this option if you want to secure www part of the domain. Select the domain aliases to secure: select the required domain aliases to be secured from the textbox "Selected domain aliases:"
  3. Click Install to complete the installation.

 

If the site has DNN installed, then a few more steps need to be followed.

  1. Take backup of the database. Use the "Export Dump" option of the database.
  2. Run the following query on database.

    INSERT INTO HostSettings (SettingName, SettingValue, SettingIsSecure) VALUES (N'AUM_UrlsWithNoExtensionRegex', N'.asmx/|.ashx/|.svc/|.aspx/|.axd/|/.well-known', 0)

  3. You can use the DNN SQL Console function to run the query
    1. For DNN 8.0.4 and below go to host > SQL and run the query there
    2. For DNN 9.0 and above go to Settings > Site Settings > SQL Console
  4. Restart the application pool of the site. This can be done from option "Dedicated IIS Application Pool for Website" in the control panel, or through the restart application pool function in DNN. After these steps, you can access the site securely using the Let's Encrypt certificate.

Dedicated (also called ‘fixed’ or ‘static’) IP as opposed to a shared IP address when getting a broadband connection? There are plenty of advantages and here we outline a few.

Generally, having a shared IP address will not cause you any harm. However, there are a few cases when a static IP is required or simply an advantage.

  • Less downtime – Each time your IP address refreshes you run the risk of downtime from the server. While this is usually only for a very short time, it can wreak havoc on your gaming. Having a static address eliminates this risk.
  • Having your own Private SSL Certificate – Secure e-commerce websites need SSL certificates for accepting credit cards online. Web hosts usually offer a shared SSL certificate where clients can share the Web host’s SSL.
  • Anonymous FTP It means that anyone using the FTP software can access files in a special directory of your site. It’s called Anonymous FTP because the user name used to access is “anonymous.” Many Web hosting providers require a static IP for the anonymous FTP function to work properly.
  • You want to access your website by FTP or Web browser even when the domain name is inaccessible, such as domain name propagation periods.
  • Remote access – With a static IP address you can access your PC no matter where you are in the world. Using programs such as Remote Administrator and PC Anywhere you can log into your work or home PC no matter where you are. Although you can set the connection up regardless of what type of IP address you have, you need a fixed address to maintain it otherwise the program will no longer be able to find your computer when your PC refreshes its dynamic address.
  • Running an FTP server – File Transfer Protocol (FTP) is an efficient and reliable way to transfer data from one computer to another. Again, specific software must be installed in order for you to set up an FTP site, but this is easy to do and free software is available. You might want to use an FTP site to share files, such as pictures, with your friends, or you might use it to enhance your organisation. Either way, once you’ve set up the site, clients, partners or friends just need to log in to access, edit or upload files.

Standard SSL certificates are issued for one single domain name, e.g. www.yourdomain.xxx OR yourdomain.xxx .
 

Wildcard SSL certificates make it possible to use your certificate on an unlimited number of subdomains (e.g. https://order.yourdomain.xxx, https://my.yourdomain.xxx,  https://webmail.yourdomain.xxx and https://www.yourdomain.xxx OR https://yourdomain.xxx).

Note:
Standard SSL Certificate issued  for domain as yourdomain.xxx (without "www") will not work as www.yourdomain.xxx (with "www") and vice-versa. To use SSL certificate with both yourdomain.xxx and www.yourdomain.xxx you will need WildCard SSL Certificate.