SSL Redirector

  0 rating
4/24/2013 1:10:50 AM
4/17/2015 1:39:10 PM
Provider: Sitecore


Allows serving of content items over https encryption by adding the template to the templates of the items you wish to be encrypted.



  • Documentation > Getting Started with the SSL Redirector
    Getting Started with the SSL Redirector

    1. Introduction

    SSLRedirector allows serving content Items over https encryption. A particular feature of this extension is that it recognizes the security configuration of the content Item and performs the appropriate action to secure the Item (for example, if the requested Item should be encrypted, but is not, then the request will be recreated with https encryption; and alternatively, if the requested Item is accessed as encrypted, but should not be, then the request will be recreated as a simple request).

    2. Installation

    SSLRedirector is distributed as a standard Sitecore package Thus to start using it, you should install the package.

    The package adds the following Items:

        * Securable Item and Secure Channel templates under templates/System/SSL Security

        * Secure Channel configuration Item under system/Settings/SSL which allows changing the size of the

            SSL channel’s encryption:

    ssl setting

    2.1. Web.config entry

    The following will be added to the web.config file using the include file SSLRedirector.config

    Under the /configuration/sitecore/pipelines/httpRequestBegin section the following line: <processor type="Sitecore.Modules.SSLRedirector.Pipelines.Resolver, SSLRedirector" />

    will be added after the ItemResolver processor.

    3. General Description

    Create an Item based on the Securable Item template or any other template which is based on the Secure Item template (directly or indirectly) to implement the SSL Security configuration.

    Any Item which inherits from the Secure Item template contains the Encryption dropdown menu in the Appearance section:

    ssl secure option

    The Secure Option dropdown list has three options: Default, Yes and No. The table below describes the behavior provided by each option:

    Secure Option                              HTTPS request                                  HTTP request
    Default                                          Process request as usual                         Process request as usual
    Yes                                               Process request as usual                         Redirect to HTTPS request
    No                                                Redirect to HTTPS                                 Process request as usual
    Non secure Item(item which is not based on the

    Secure Item template)                     Process request as usual                        Process request as usual

    It is also possible to control the SSL encryption length. Navigate to the system/Settings/SSL/Secure Channel Item to configure this functionality. The default value of the encryption size is 128 bit. If the value of this Item is empty, then no check of the encryption size will be performed.

    Note: Encryption size is one for all secure Items.

    4. User Manual

    The SSLRedirector shell extension controls the type of HTTP request used to access an Item. To create a secure Item, you should base it on the Secure Item Template or any other template which directly or indirectly inherits from this template. Then you can configure the Secure Option in the Appearance section.

    For example, create a few Items as shown below:

    secure template

        Document – an Item based on the Document template (not a Secure Item)

        Item with Default Security Option – a Secure Item with the Secure Option set to Default.

        Secured Item – a Secure Item with the Secure Option set to Yes.

        Unsecured Item – a Secure Item with the Secure Option set to No.

    Make sure that each template has appropriate Layouts and Renderings assigned and the Items are published and perform the following tests:

    Item Initial                            Request Processed                              Request
    Document                                 http://localhost/Document.aspx                http://localhost/Document.aspx
                                                    http://localhost/Document.aspx               http://localhost/Document.aspx
    Item with Default Security Option https://localhost/Item%20with%20Default%20Security%20option.aspx  


    Secured Item                            http://localhost/Secured%20Item.aspx      http://localhost/Secured%20Item.aspx
                                                  http://localhost/Secured%20Item.aspx       http://localhost/Secured%20Item.aspx
    UnSecured Item                       http://localhost/Secured%20Item.aspx       http://localhost/Secured%20Item.aspx
                                                 http://localhost/Secured%20Item.aspx        http://localhost/Secured%20Item.aspx

    NOTE: The original request type is not saved. For example, if the original request is nonsecure (http://), but then it is changed to secure (https://) by the extension, it won’t be changed back when a User navigates to a nonsecure Item.

Release notes
The module was added 10/03-2008
Read more Back
Code examples

Solution screenshots(0)


Reviews (0)

Sort by: Date Most votes
  • Profile Avatar

    Level: 0

    x0 x0 x0




    Was this helpful?


Comments (0)

Sort by: Date  Most votes

Leave a Comment

Comment must be field in
Post comment

Write a review

Title can't be empty
Review can't be empty
Post review


Title Description Download Action

Add File