https domain issues for multi-lingual website

Vinod Vutla asked on October 10, 2016 08:27

Hi Team

We have a multi-lingual website with three different languages. For each culture I have assigned a different domain to see each version as a standalone website by making use of domain aliases.

Now we would like to enable SSL for English version(https://englishversion.com) and for the remaining version I would like to keep them as it is(http://otherversion.com). But kentico Genreal/Security tab SSL setting doesn't allow me to give culture specific configuration for enabling or disabling SSL required setting leads to NET::ERR_CERT_COMMON_NAME_INVALID error(Your connection is not private Attackers might be trying to steal your information from (https://exampledomain.vn).

Help me to remove SSL for the required language versions in kentico for the required domains.

Thanks, Vinod.

Correct Answer

Richard Sustek answered on October 10, 2016 11:11

I believe you could use RequestEvents.Prepare to let Kentico know that the current request is SSL using:

RequestEvents.Prepare.Execute += PrepareExecute;

and

 private void PrepareExecute(object sender, EventArgs e)
    {
        if ((HttpContext.Current != null) && (HttpContext.Current.Request != null))
        {
            // check current domain
            var domain = RequestContext.CurrentDomain;
            if (domain.Equals("yourdomain", StringComparison.OrdinalIgnoreCase))
            {
                // use SSL for english versions
                RequestContext.IsSSL = true;
            }
        }
    }

And then you can simply enable SLL on your IIS for the domain you need :-)

Additionally you could Redirect (301) user in this event if the current protocol is HTTP and not HTTPS. I personally avoid redirection if not necessary and think that IIS would handle this better. Still, its definitely an option..

2 votesVote for this answer Unmark Correct answer

Recent Answers

Roman Hutnyk answered on October 10, 2016 10:04 (last edited on October 10, 2016 13:57)

Have you considered checking/changing a protocol in the request events?

1 votesVote for this answer Mark as a Correct answer

   Please, sign in to be able to submit a new answer.