When ssl is available and you specify Use SSL on All Pages, then what happens if a request comes in for a cms page and the request does not use https, it will call SiteUtils.ForceSsl() which redirects to the https version of the url.

by default it uses 301 permanent redirect in recent versions of mojoportal, though older versions of mojoportal used a 302 

so unless you are using a fairly old version it should be doing that already because WebConfigSettings.RedirectSslWith301Status is true by default but could be changed from appSettings by adding it there as false

if you have the code that corresponds to your site you can copy the changes needed from the latest code. really the only code that matters is in SiteUtils.ForceSsl where we use that setting to decide if a permanent redirect is used or not, you could make that change and not even use a setting

we used a setting in case someone did not want to make those redirect permanent they could change it.

the thing to understand about this line:

ConfigHelper.GetBoolProperty("RedirectSslWith301Status", true); }

the first param is the key to look for in appSettings and the second param is the default value to use if the setting is not found.

so typically the setting does not really exist in appSettings unless someone needs to override the default then they can put it in appSettings if needed.

the general idea is that when the application starts the config object is created in memory and kept there by the runtime and the more settings exist the amount of memory used is a little bigger. by NOT putting in a setting with the default value in Web.config appSettings or user.config it keeps the memory use smaller. so in general we have a lot of settings but they do not actually exist in appSettings  config object taking up memory, if the default value is used the setting does not need to exist there, it only needs to exist if you are changing from the default value. So in this way we have configurable settings that do not use extra memory unless you actually add the setting and override it. of course each setting is a small amount of memory so this is a small optimization, but it can add up when there are lots of settings.

so in this case we don't actually have a setting for RedirectSslWith301Status in web.config nor user.config but it uses the default value true and if someone wants false they have to add the setting <add key="RedirectSslWith301Status" value="false" /> and that will make the config object a tiny bit larger in memory

The SiteSettings setting for UseSSLOnAllPages will cause a redirect on cms pages and pages built into mojoportal, it will not affect urls that are not part of mojoPortal. In most cases all the urls in the site would be part of mojoPortal.

Your question was about SEO, as I understood it, you think a 301 permanent redirect would be better, and I agree with that opinion which is why we implemented it. Especially it is probably better when the site was previously indexed as not https, it will make it more clear to the searchengine bots that this is a permanent change to the url.

Your older version of mojoPortal is not doing that though, it is using a 302 which is not a permanent redirect. You could change it to use 301 by changing the code in SiteUtils.ForceSSL to do a permanent redirect. 

It is up to you whether you want to wrap it in a setting or not, we chose to, so if you copy the current implementation of that method into your SiteUtils.cs code then you would also need to add the setting in WebConfigSettings.cs as we did. Or you could copy the latest version of SiteUtils.ForceSSL and just remove the conditional logic and the reference to the setting and make it just always do a permanent redirect.