Search Errors with SSL Cert

Mike Bilz asked on July 11, 2017 22:04

Hello Kentico Team,

I recently set up my site to use SSL for Administration, along with a few other security additions.

However, after getting all of this set up I noticed that my site's Search Tool no longer functions. Any attempted search results in a 500 Error.

The search tool works perfectly if you add https to the web address beforehand. So my guess is that because the form is trying to cross into the SSL admin side for a moment and then cross back it causes some kind of security issue that triggers the 500 error.

Is there a setting or a configuration I may have missed somewhere along the line?

Any help you can provide would be greatly appreciated.

Thanks!

-mike

Recent Answers


Trevor Fayas answered on July 12, 2017 04:39

try adding to the web.config application keys the key "CMSEnableCsrfProtection" with a value of false.

this can happen with searches and https depending. are the any event logs as well?

1 votesVote for this answer Mark as a Correct answer

Brenden Kehren answered on July 12, 2017 15:19

Depending on the search index, you may need to include the web.config key to accept all SSL Cert errors.

<add key="CMSSearchCrawlerAcceptAllCertificates" value="true" />

By default, the smart search crawler does not index pages on sites using a secured protocol (HTTPS) without a certificate from a trusted authority. For example, you may encounter the problem in development environments that use a self-signed certificate.

If you set this key to true, the system accepts all certificates.

Note: Setting the CMSSearchCrawlerAcceptAllCertificates key to true poses a security vulnerability and should not be used in production environments.

Also, what is the specific 500 error? Have you checked the servers event logs and really dug into the error? If your server is in a DMZ or load balanced there could be other firewall issues restricting it.

0 votesVote for this answer Mark as a Correct answer

   Please, sign in to be able to submit a new answer.