Force all SSL to subdomain URL?

This forum is only for questions or discussions about working with the mojoPortal source code in Visual Studio, obtaining the source code from the repository, developing custom features, etc. If your question is not along these lines this is not the right forum. Please try to post your question in the appropriate forum.

Please do not post questions about design, CSS, or skinning here. Use the Help With Skins Forum for those questions.

This forum is for discussing mojoPortal development

You can monitor commits to the repository from this page. We also recommend developers to subscribe to email notifications in the developer forum as occasionally important things are announced.

Before posting questions here you might want to review the developer documentation.

Do not post questions about design, CSS, or skinning here. Use the Help With Skins Forum for those questions.

This thread is closed to new posts. You must sign in to post in the forums.

7/20/2010 10:14:17 PM

medicnick

Total Posts 13

View Posts

Force all SSL to subdomain URL?

I'm not sure that this is the right forum but perhaps it is. My SSL certificate is for *.domain.com and I have two other domains that are sharing the database. What is the most efficient way to force all secure activity to a subdomain URL (default SSL for login/register/etc)?

Maybe you have a better suggestion?

Thanks!

7/21/2010 8:48:21 AM

Joe Audette

Total Posts 18439

View Posts

Re: Force all SSL to subdomain URL?

There is nothing in mojoPortal to do that. If hosting multiple mojoportal sites in a single installation where all the child sites are hosts in the same domain (ie what you are calling sub domains), then you can enable SSL and it will work for all child sites since the wildcard ssl certificate can work with any hostname in the domiain, no special handling is needed. If you need something beyond that look into the IIS url re-write module.

Hope it helps,

Joe

7/28/2010 3:40:27 AM

medicnick

Total Posts 13

View Posts

Re: Force all SSL to subdomain URL?

Thanks Joe. Perhaps this leads to a feature request, to enable a specific URL pathway (in my case secure.domain.com) for the SSL activity (mojo controlled already) but return them to the original domain after logging in.

In the meantime, what is the best way to setup the file structure and mapping to force the Mojo secured pages to a subdomain URL? instead of www.domain.com/secure/login.aspx how do I force it to go to secure.domain.com/[secure/login.aspx or just /login.aspx - doesn't really matter]?

I have setup the same secure.*.com subdomain for all three domains but I expect the other two that are not on the SSL certificate to indicate a certificate error when accessed. Chrome makes it much more obvious then IE or FF... so even an intermediate page that warns the user that they are going to a safe place to login but will be returned to their original page after logging in.

How can I send them to the certificated secure.domain.com to login and then return them back to the original domain in Mojo?

PS: So far, the URL Rewrite causes a 'too many redirects' loop due to the hostname mapping. Is there an easy solution that I'm overlooking?
Thanks!

7/28/2010 7:49:15 AM

Joe Audette

Total Posts 18439

View Posts

Re: Force all SSL to subdomain URL?

Sorry, but I have no near term plans to implement something where a different domain/hostname is used for authentication, there is no real need for it that I know of if you just use an ssl on the main domain/hostname.

I don't know about the redirect loop, you need to be careful with IIS url re-writer rules to make sure they do what you want and only what you want. I don't know anything about the url re-write rules you have configured and cannot offer support for IIS Url re-writer, you will have to find help on the web for that.

Best,

Joe

You must sign in to post in the forums. This thread is closed to new posts.