At some point, you may need to install an SSL certificate to secure your DNN Site, and this article provides the information necessary to generate an SSL certificate and complete the certificate installation to secure the environment. This article will resolve any SSL errors with "Your connection is not private"
Follow the process detailed below to set up an SSL certificate successfully.
Purchase an SSL certificate from an SSL Certificate Authority. Examples include any of the following:
Generate a CSR (Certificate Signing Request).
A CSR is a block of encoded text that is given to a Certificate Authority when applying for an SSL Certificate. It is usually generated on the server where the certificate is installed. It contains information included in the certificate, such as the organization name, common name (domain name), locality, and country.
A Private Key is usually created at the same time that you generate the CSR, and this key needs to be kept in a safe place.
You can generate a CSR using one of the following methods:
|Certificate Authority||Certificate Authority web sites often provide guides or setup wizards to assist in the generation of a CSR. Refer to your Certificate Authority for further details.|
|IIS||Also known as Microsoft Web Server, many websites provide customized instructions for generating a CSR based on the IIS version in use. Example: The DigiCert website offers instructions for Creating a CSR and Installing an SSL Certificate using IIS 10.|
|CSR Generator||This is a straightforward web-based form that generates both a CSR and a Private Key.|
Generate a PFX file with a CSR via OpenSSL through a Linux application
Verify the domain with the CSR. You then submit the CSR to the SSL Certificate Authority designated in Step 1 and receive the certificate files. The certificate authorities generally provide the data in a single compressed (zip) file.
Install the SSL certificate into the server.
Set up HTTPS redirection.
You can set up a redirect from HTTP to HTTPS by using the IIS rewrite module. For more information on this process, please review the Microsoft tech blog entry titled "Redirect From HTTP to HTTPS Using the IIS URL Rewrite Module."
You can also set up a redirect through DNN by setting the pages to all secure by running the following query and setting the PortalID for the portal you would like secure:
UPDATE Tabs SET IsSecure = 1 AND PortalID = #
You can verify that the SSL certificate was correctly installed when you browse the domain via HTTPS and see the padlock beside the domain in the address bar.
If the site is still not secure, press F12 to open the developer tools. Click the Security tab, and there is an error message that tells you what went wrong.