Using SSL with RockRMS

Question

0

Using SSL with RockRMS

Keith Pavia posted 10 Years Ago

What is the best way to install RockRMS so that at least the admin and member sections are secure? I created a sub domain xyz.ourdomain.com, but ran the install from www.ourdomain.com thinking that it would install then admin portion into the sub-domain.

0
- Keith Pavia replied 10 Years Ago
I sounds like I should have had the SSL certificate installed in the main domain foler and then used the Force SSL on the pages that I want to use SSL. Is that correct?
Edit Answer

I sounds like I should have had the SSL certificate installed in the main domain foler and then used the Force SSL on the pages that I want to use SSL.  Is that correct?
I sounds like I should have had the SSL certificate installed in the main domain foler and then used the Force SSL on the pages that I want to use SSL.  Is that correct?
I sounds like I should have had the SSL certificate installed in the main domain foler and then used the Force SSL on the pages that I want to use SSL.  Is that correct?
Save Cancel
Jeremy Hoff

10 years ago

True! Though, unless you have a wildcard cert, IIS may only really serve SSL for the one domain it's configured.
I hope that helps,
0
- Keith Pavia replied 10 Years Ago
Thank you!

I have asked Arvixe if they can change the cert to point to the main directory, but I'll probablly have to purchase another one. It still would be less that geting a wildcard cert.
Edit Answer

Thank you! I have asked Arvixe if they can change the cert to point to the main directory, but I'll probablly have to purchase another one.  It still would be less that geting a wildcard cert.
Thank you! I have asked Arvixe if they can change the cert to point to the main directory, but I'll probablly have to purchase another one.  It still would be less that geting a wildcard cert.
Thank you! I have asked Arvixe if they can change the cert to point to the main directory, but I'll probablly have to purchase another one.  It still would be less that geting a wildcard cert.
Save Cancel
0
- Keith Pavia replied 10 Years Ago
Hi Jeremy,

So i had the SSL cert install in the main domain, but is is still not working. When I tell the page to force SSL i get a "This page can’t be displayed". I also used the recommended setting for the admin site, which was admin.ourdomain.com. but that is not working either. Sorry, this SSL stuff is just not working for me.
Edit Answer

Hi Jeremy, So i had the SSL cert install in the main domain, but is is still not working.  When I tell the page to force SSL i get a "This page can’t be displayed".  I also used the recommended setting for the admin site, which was admin.ourdomain.com. but that is not working either.  Sorry, this SSL stuff is just not working for me.
Hi Jeremy, So i had the SSL cert install in the main domain, but is is still not working.  When I tell the page to force SSL i get a "This page can’t be displayed".  I also used the recommended setting for the admin site, which was admin.ourdomain.com. but that is not working either.  Sorry, this SSL stuff is just not working for me.
Hi Jeremy, So i had the SSL cert install in the main domain, but is is still not working.  When I tell the page to force SSL i get a "This page can’t be displayed".  I also used the recommended setting for the admin site, which was admin.ourdomain.com. but that is not working either.  Sorry, this SSL stuff is just not working for me.
Save Cancel
Jeremy Hoff

10 years ago

Hi Keith,
It might help to see the site's actual domain name so that I can review the symptom first hand. Do you mind sharing it here?
Thank you,

Keith Pavia

10 years ago

www.therockaz.net

Jeremy Hoff

10 years ago

Thanks. It appears IIS is not listening on 443 for https://www.therockaz.net -- since it sounds like you have only one Cert, this is probably normal. I'll comment further on the other page.
0
- Keith Pavia replied 10 Years Ago
The admin page is not coming up, so I can make any changes. If I set it up just likt the documentation, should i just need to go to admin.xyz.com? As I said, when I change the properties to force SSL, I can no longer access the page that I made that change to.
Edit Answer

The admin page is not coming up, so I can make any changes.  If I set it up just likt the documentation, should i just need to go to admin.xyz.com?  As I said, when I change the properties to force SSL, I can no longer access the page that I made that change to. 
The admin page is not coming up, so I can make any changes.  If I set it up just likt the documentation, should i just need to go to admin.xyz.com?  As I said, when I change the properties to force SSL, I can no longer access the page that I made that change to. 
The admin page is not coming up, so I can make any changes.  If I set it up just likt the documentation, should i just need to go to admin.xyz.com?  As I said, when I change the properties to force SSL, I can no longer access the page that I made that change to. 
Save Cancel
Jeremy Hoff

10 years ago

I receive the same error you see on https://admin.therockaz.net -- it appears that IIS is also not listening on https:// which could lead to the problem.

Is this a production site or is it one you could wipe? I ask because if you are not using this for real data yet, there isn't much need to deal with the heroics of making it work again. It's possible, but it might be simpler to redeploy RockRMS. ;-)

Either way, what we want to do first is make sure that the web pages work on both HTTP:// as well as HTTPS:// before "forcing" SSL. You see, RockRMS will happily run on either SSL or not, and the "Force" option merely makes it a requirement for the configured page(s). In other words, lets get SSL working before you "Force" any pages. :-)

I hope that helps?

Keith Pavia

10 years ago

Thank you! Chatting with Arvixe now. I don't think that SSL is setup properly. That would do it correct? :) I can wipe it no problem.
Also, when I told RockRMS to use admin.therockaz.com for the internal site, what does that actually do? It does not require that I create a subdomain does it? If not, how does it actually get to admin.therockaz.com?

Keith Pavia

10 years ago

I have removed RockRMS. Now there is only one index.html file there. SSL still not working. Arvixe has escalated it to the SSL team. Thank you for your help. Still wondering how admin.therockaz.net works, if there isn't a sub-domain.

Keith Pavia

10 years ago

When I go to http://www.sslshopper.com/ssl-checker.html?hostname=therockaz.net and check the primary domain it says it is working fine. How come I cannot get https://www.therockaz.net/index.html to come up?

Jeremy Hoff

10 years ago

http://www.sslshopper.com/ssl-checker.html?hostname=www.therockaz.net (note the addition of the "www" in the rockaz.net domain name) shows no SSL cert in the error message.

Jim Michael

10 years ago

I concur. There is definitely no SSL certificate installed (or at least, functioning) on either www.therockaz.net or therockaz.net (verified via http://www.digicert.com/help/) . This is "simply" a web server issue and the fact that Rock isn't doing SSL is just a side effect :-)

Keith Pavia

10 years ago

Thanks guys. So, should I use admin.therockaz.net as the internal address? if I do, will I be able to login as admin at that URL?

Jeremy Hoff

10 years ago

Glad to help, Keith.

The choice of domains is really up to you, but I agree that "admin.therockaz.net" is a great choice for your internal (staff-facing) site

Another option I anticipate seeing is "RockRMS.therockaz.net" since RockRMS is the name of the app. Make sure this URL is configured in DNS as well as in RockRMS - Configuration - CMS - Sites.

I hope that helps,

Keith Pavia

10 years ago

OK the DNS is probably the reason it is not working. I'll see if I can figure it out. Thanks again for all of you help. The SSL should working now.
0
- Keith Pavia replied 10 Years Ago
Jeremy,

So, do I create a pointer in DNS that sends admin.therockaz.net to the admin home page https://www.therockaz.net/page/12 , so that when I type in admin.therockaz.net it takes me to https://www.therockaz.net/page/12? The CMS configuration is pointing tot he correct place. Thanks!
Edit Answer

Jeremy, So, do I create a pointer in DNS that sends admin.therockaz.net to the admin home page <a href="https://www.therockaz.net/page/12">https://www.therockaz.net/page/12</a> , so that when I type in admin.therockaz.net it takes me to <a href="https://www.therockaz.net/page/12">https://www.therockaz.net/page/12?</a>  The CMS configuration is pointing tot he correct place.  Thanks!
Jeremy, So, do I create a pointer in DNS that sends admin.therockaz.net to the admin home page <a href="https://www.therockaz.net/page/12">https://www.therockaz.net/page/12</a> , so that when I type in admin.therockaz.net it takes me to <a href="https://www.therockaz.net/page/12">https://www.therockaz.net/page/12?</a>  The CMS configuration is pointing tot he correct place.  Thanks!
Jeremy, So, do I create a pointer in DNS that sends admin.therockaz.net to the admin home page <a href="https://www.therockaz.net/page/12">https://www.therockaz.net/page/12</a> , so that when I type in admin.therockaz.net it takes me to <a href="https://www.therockaz.net/page/12">https://www.therockaz.net/page/12?</a>  The CMS configuration is pointing tot he correct place.  Thanks!
Save Cancel
Jeremy Hoff

10 years ago

Hi Keith,
If you are referring to the Sites config where you set the default page, then yes: RockRMS - Admin Tools - CMS Config - Sites.
I hope that helps,
0
- Jeremy Hoff replied 10 Years Ago
Hi Keith,

Thanks for asking.

RockRMS can be setup to handle multiple "Sites" (RockRMS - Admin Tools - CMS Configuration - Sites) and each Site can have a unique domain name(s). If your currennt configuration is not what you are after with regard to the Member-facing site, and the Admin-facing site, this is where the correction(s) can be made.

When it comes to SSL, so long as your IIS Web Server is setup to use SSL, the only remaining step is to configure your page(s) to use SSL. For that, you'd click Page Properties (little gear on the bottom edge of your screen) - Advanced Settings - then check "Force SSL." That will require the page to use SSL.

Note, all of Rock can be safely run over SSL, but for any pages that transmit personal information I recommend using SSL. For any pages that collect financial info (i.e. accepts credit cards) SSL is required.

I hope that helps?
Edit Answer

Hi Keith, Thanks for asking. RockRMS can be setup to handle multiple "Sites" (RockRMS - Admin Tools - CMS Configuration - Sites) and each Site can have a unique domain name(s).  If your currennt configuration is not what you are after with regard to the Member-facing site, and the Admin-facing site, this is where the correction(s) can be made. When it comes to SSL, so long as your IIS Web Server is setup to use SSL, the only remaining step is to configure your page(s) to use SSL.  For that, you'd click Page Properties (little gear on the bottom edge of your screen) - Advanced Settings - then check "Force SSL."  That will require the page to use SSL. Note, all of Rock can be safely run over SSL, but for any pages that transmit personal information I recommend using SSL.  For any pages that collect financial info (i.e. accepts credit cards) SSL is required. I hope that helps?  
Hi Keith, Thanks for asking. RockRMS can be setup to handle multiple "Sites" (RockRMS - Admin Tools - CMS Configuration - Sites) and each Site can have a unique domain name(s).  If your currennt configuration is not what you are after with regard to the Member-facing site, and the Admin-facing site, this is where the correction(s) can be made. When it comes to SSL, so long as your IIS Web Server is setup to use SSL, the only remaining step is to configure your page(s) to use SSL.  For that, you'd click Page Properties (little gear on the bottom edge of your screen) - Advanced Settings - then check "Force SSL."  That will require the page to use SSL. Note, all of Rock can be safely run over SSL, but for any pages that transmit personal information I recommend using SSL.  For any pages that collect financial info (i.e. accepts credit cards) SSL is required. I hope that helps?  
Hi Keith, Thanks for asking. RockRMS can be setup to handle multiple "Sites" (RockRMS - Admin Tools - CMS Configuration - Sites) and each Site can have a unique domain name(s).  If your currennt configuration is not what you are after with regard to the Member-facing site, and the Admin-facing site, this is where the correction(s) can be made. When it comes to SSL, so long as your IIS Web Server is setup to use SSL, the only remaining step is to configure your page(s) to use SSL.  For that, you'd click Page Properties (little gear on the bottom edge of your screen) - Advanced Settings - then check "Force SSL."  That will require the page to use SSL. Note, all of Rock can be safely run over SSL, but for any pages that transmit personal information I recommend using SSL.  For any pages that collect financial info (i.e. accepts credit cards) SSL is required. I hope that helps?  
Save Cancel

Keith Pavia · Accepted Answer · 2014-06-19T16:22-07:00

0

Keith Pavia replied 10 Years Ago

Thank you Jeremy that helps.

The SSL is working. I just dont think I did it correctly. I had the SSL cert installed in the subdomain xyz.ourdomain.com and I thought when I installed RMS that it would install the admin pages to that subdomain and the front facing website pages to the main domain. That did not work. When it installs, it puts everthing in the domain/folder that you install it from. Not sure why it asked for the internal site address and the external. I guess that confused me. Before I go to far, I want to make sure that I have it installed properly. Any ideas what I did wron and how to fix it? Right now it is installed in the sub-domain folder and no files are in the main domain/folder.

Edit Answer

<p>Thank you Jeremy that helps.</p>

<p>The SSL is working.&nbsp; I just dont think I did it correctly.&nbsp; I had the SSL cert installed in the subdomain xyz.ourdomain.com and I thought when I installed RMS that it would install the admin pages to that subdomain and the front facing website pages to the main domain.&nbsp; That did not work.&nbsp; When it installs, it puts everthing in the domain/folder that you install it from.&nbsp; Not sure why it asked for the internal site address and the external.&nbsp; I guess that confused me.&nbsp; Before I go to far, I want to make sure that I have it installed properly.&nbsp; Any ideas what I did wron and how to fix it?&nbsp; Right now it is installed in the sub-domain folder and no files are in the main domain/folder.</p>

<p>Thank you Jeremy that helps.</p>

<p>The SSL is working.&nbsp; I just dont think I did it correctly.&nbsp; I had the SSL cert installed in the subdomain xyz.ourdomain.com and I thought when I installed RMS that it would install the admin pages to that subdomain and the front facing website pages to the main domain.&nbsp; That did not work.&nbsp; When it installs, it puts everthing in the domain/folder that you install it from.&nbsp; Not sure why it asked for the internal site address and the external.&nbsp; I guess that confused me.&nbsp; Before I go to far, I want to make sure that I have it installed properly.&nbsp; Any ideas what I did wron and how to fix it?&nbsp; Right now it is installed in the sub-domain folder and no files are in the main domain/folder.</p>

Save Cancel

Jeremy Hoff

10 years ago

Hi Keith,
If you are using a Wildcard cert for a single domain.... i.e. "examplechurch.com"... and IIS is configured, then it should also handle subdomains such as "RockRMS.examplechurch." and "www.examplechurch.com".

In other words, IIS will handle the SSL, and RockRMS will handle the routing for your domain names and the Sites. A single RockRMS folder on your filesystem can host virtually unlimited different RockRMS-powered Sites. While it's possible to setup a separate folder on your filesystem, I'm not sure I can think of a good reason to do that if you are using a single Database. (I hope that makes sense?)

Back to your specific question - it sounds like you might be able to resolve this by configuring IIS with another cert - one for each subdomain - and then allowing RockRMS to handle the domain routing.

Ping back if I misunderstood.... thanks!

Question

0

Using SSL with RockRMS

0

0

0

0

0

0

0