Sana Commerce 8.2
Your provider


If you configure full HTTPS and the Sana Commerce backoffice runs as a virtual directory on the frontend domain, then the backoffice will also run via HTTPS. In this case no additional SSL certificate is needed for the Sana Commerce backoffice.
To run fully on HTTPS, Sana Commerce has to be configured to do so:

Step 1: Open the 'web.config' file of the Sana Commerce backoffice and locate the following line in the <appSettings> configuration section:

<add key="FrontendUrl" value="ShopUrl"/>

Step 2: Update 'http' to 'https' in the frontend URL.

Step 3: Locate the following line in the 'system.serviceModel/client' configuration section:

<endpoint address="http://domainname/Management/PublishWebService.asmx" binding="basicHttpBinding" bindingConfiguration="PublishWebServiceSoap" contract="PublishService.PublishWebServiceSoap" name="PublishWebServiceSoap"/>

Step 4: Update 'http' to 'https' in the URL.

Step 5: To make the refresh site cache functionality also working under HTTPS you should accomplish the steps from the chapter 'Configure Publish Web Service for HTTPS'.

Step 6: In Internet Information Services (IIS) Manager configure redirect from HTTP to HTTPS. Redirecting all traffic from HTTP to HTTPS will make sure your customers always access the webshop securely.

Step 6.1: In IIS make sure the original Sana Store web site (the one with SSL encryption) is listening only on port 443. Thus, remove web site binding of the HTTP type which is on port 80 by default.

For information how to manage web site bindings, see the previous chapter 'Configure IIS to Listen to HTTPS'.

Step 6.2: Create a separate dummy web site with the same host name as the real one (e.g. 'SanaRedirect') and make sure it only listens on port 80.

Step 6.3: In IIS Features View open the 'HTTP Redirect' feature page.

The 'HTTP Redirect' feature is not available on the default installation of IIS. Thus, if you do not have it in IIS, see how to install it in the 'HTTP Redirects' chapter of the IIS Library.

Step 6.4: Enable 'Redirect requests to this destination' and enter your webshop URL to which it should be redirected with https instead of http:

Configure Redirect from HTTP to HTTPS

Step 6.5: Configure the redirect behavior and click 'Apply' on the 'Actions' pane to save the changes. For detailed information about the redirect behavior options, see 'HTTP Redirect' in the MSDN Library.

Now Sana Commerce is configured to run fully on HTTPS.