I am successfully running an Umbraco site on Azure Websites that has Merchello integrated. At this point, we are ready to launch with an SSL cert and had gone so far as to update the A record in my host to point to the IP address provided. Being an e-comm site, I tried to add in a redirect rule to enforce HTTPS, but kept running in to a "infinite loop" problem. I tried this suggestion from ruslany without success, then referenced this "HTTPS on Azure" page. I switched the IP address to the Virtual IP on the AWS Dashboard screen -- still no luck with HTTPS, even after adding a custom hostname in the Back Office.
The strange thing is that Articulate can be served under SSL, just not the rest of the site. We've tried the HTTPS Redirect package and rerouting in a controller. We're running out of potential solutions. Any advice would be greatly appreciated! Thanks in advance
I ran into this issue with AWS. The issue is (on AWS) that by time the request gets to IIS it's actually port 80 instead of 443. So it gets stuck in a redirect loop because IIS never actually sees traffic on port 443.
For the front end, I did this:
//added this due to how the ssl forwarding is working on AWS
if (HttpContext.Current.Request.Headers["X-Forwarded-Proto"] == "http")
{
HttpContext.Current.Response.Redirect(HttpContext.Current.Request.Url.AbsoluteUri.Replace("http:", "https:"));
}
So AWS is sending a special header to signify what protocol is in use upstream. Perhaps Azure has a similar thing?
Along these lines, the backoffice has an issue as well when trying to force SSL via the appSetting: umbracoUseSSL.
That'll send it into a redirect loop as well when set to true. I'm still trying to find an elegant way to handle this as the code that handles this is here:
For the backoffice I've had to override the `LoginController` by creating a custom login controller in a plugin copied from the umbraco.controllers.js file. The bad news is that if the controller is updated in the core, I'll have to update my plugin.
angular.module("umbraco").controller("Umbraco.Dialogs.LoginController", function ($scope, localizationService, userService, $location) {
if ($location.protocol() != 'https') {
window.location.href = $location.absUrl().replace('http', 'https');
}
...
//the rest of the file
Umbraco 7, Azure, and SSL
Hello
I am successfully running an Umbraco site on Azure Websites that has Merchello integrated. At this point, we are ready to launch with an SSL cert and had gone so far as to update the A record in my host to point to the IP address provided. Being an e-comm site, I tried to add in a redirect rule to enforce HTTPS, but kept running in to a "infinite loop" problem. I tried this suggestion from ruslany without success, then referenced this "HTTPS on Azure" page. I switched the IP address to the Virtual IP on the AWS Dashboard screen -- still no luck with HTTPS, even after adding a custom hostname in the Back Office.
The strange thing is that Articulate can be served under SSL, just not the rest of the site. We've tried the HTTPS Redirect package and rerouting in a controller. We're running out of potential solutions. Any advice would be greatly appreciated! Thanks in advance
Bump. Any thoughts or advice?
Comment author was deleted
I ran into this issue with AWS. The issue is (on AWS) that by time the request gets to IIS it's actually port 80 instead of 443. So it gets stuck in a redirect loop because IIS never actually sees traffic on port 443.
For the front end, I did this:
//added this due to how the ssl forwarding is working on AWS if (HttpContext.Current.Request.Headers["X-Forwarded-Proto"] == "http") { HttpContext.Current.Response.Redirect(HttpContext.Current.Request.Url.AbsoluteUri.Replace("http:", "https:")); }So AWS is sending a special header to signify what protocol is in use upstream. Perhaps Azure has a similar thing?
Along these lines, the backoffice has an issue as well when trying to force SSL via the appSetting: umbracoUseSSL.
That'll send it into a redirect loop as well when set to true. I'm still trying to find an elegant way to handle this as the code that handles this is here:
https://github.com/umbraco/Umbraco-CMS/blob/ded1def8e2e7ea1a4fd0f849cc7a3f1f97cd8242/src/Umbraco.Web/WebApi/Filters/UmbracoUseHttps.cs
https://github.com/umbraco/Umbraco-CMS/blob/9469b0b844d47328a557cf66e517c3059f646ebd/src/Umbraco.Web/Editors/BackOfficeController.cs#L36
Comment author was deleted
Posted an issue: http://issues.umbraco.org/issue/U4-6493
Comment author was deleted
For the backoffice I've had to override the `LoginController` by creating a custom login controller in a plugin copied from the umbraco.controllers.js file. The bad news is that if the controller is updated in the core, I'll have to update my plugin.
angular.module("umbraco").controller("Umbraco.Dialogs.LoginController", function ($scope, localizationService, userService, $location) { if ($location.protocol() != 'https') { window.location.href = $location.absUrl().replace('http', 'https'); } ... //the rest of the fileis working on a reply...