I recently saw some articles about well-respected free SSL certificates from Lets Encrypt. Not only are Let's Encrypt certificates free, but they are also much easier to setup because the whole process is automated and, once you've got DNN properly configured, completes in about 10 seconds as opposed to a whole lot of manual steps for most SSL Certs.
Most of the Lets Encrypt stuff is intended for Linux machines but there are now nice solutions for Windows Servers running IIS. As I tried to add a certificate to a DNN site, I ran into a few issues but they were fairly easy to solve.
There are a couple other blogs that describe similar solutions, this one uses the LetsEncrypt-Win-Simple command line utility but is otherwise nice and simple. I prefer, the Certify The Web application as it has a nice UI and is simple to use.
Step 1. Download and install the latest version of Certify The Web. Don't run it just yet...
Step 2. If you are using Advanced URLs (default for installs of DNN for the last 5 years) Update DNN to be able to interact with Lets Encrypt
To do this, you need to modify the URL Management functionality to allow interaction with a special directory. So run this SQL against your database in SSMS:
DECLARE @SettingName nvarchar(50)
DECLARE @SettingValue nvarchar(256)
SET @SettingName = 'AUM_IgnoreUrlRegex'
SET @SettingValue = '(?<!linkclick\.aspx.+)(?:(?<!\?.+)(\.pdf$|\.gif$|\.png($|\?)|\.css($|\?)|\.js($|\?)|\.jpg$|\.axd($|\?)|\.swf$|\.flv$|\.ico$|\.xml($|\?)|\.txt$|/\.well-known/acme-challenge/))'
IF(EXISTS(SELECT SettingName FROM HostSettings WHERE SettingName = @SettingName))
BEGIN
UPDATE
HostSettings
SET
SettingValue = @SettingValue
WHERE
SettingName = @SettingName
END
ELSE
BEGIN
INSERT INTO
HostSettings
(
SettingName,
SettingValue,
SettingIsSecure,
CreatedByUserID,
CreatedOnDate,
LastModifiedByUserID,
LastModifiedOnDate
)
VALUES
(
@SettingName,
@SettingValue,
0,
-1,
GETDATE(),
-1,
GETDATE()
)
END
The above SQL was borrowed from Dan Cricket's blog on a similar method
Step 3: Restart your web site in IIS (or clear your cache or add a space in your web.config and save it)
Step 4: Run the Certify The Web app and follow the normal process.
That should do it. Shouldn't take more than a couple minutes.
Enjoy!