Sitecore how to configure SSL (HTTPS) in your Sitecore config files

SSL and HTTPS have been the hot topic since Google began to use HTTPS as a signal in their search rankings.

Fortunately, Sitecore really does not care if it runs in HTTP or HTTPS, so most of the configurations are purely .NET related. Here is what you do if you have a single domain Sitecore installation, or a Sitecore installation that shares the root domain (…).


This usually involves a hosting company. If you are lucky enough (as I am) to know a hosting company that takes responsibility and provide a great service, this requires sending a mail and wait for the answer. If not you can follow one of the many guides online on how to obtain and install the SSL certificate.


In web.config, add your domain to the forms authentication. This is pure .NET, nothing to do with Sitecore. Replace the MYCOMAIN.COM with your own domain.

<authentication mode="None">
  <forms domain=".MYDOMAIN.COM" timeout="43200" slidingExpiration="true" name=".ASPXAUTH" cookieless="UseCookies" />


In web.config, add your domain and set requireSSL in the httpCookies property. Again, this is .NET, not Sitecore specific. This binds any cookies to the root domain we specify, and secures the cookie (no cookies are sent to the server unless the connection is secure (HTTPS)).

<httpCookies httpOnlyCookies="true" requireSSL="true" lockItem="true" domain=".YOURDOMAIN.COM" />


In Sitecore.config, set the scheme=”https” in your sites section. This is used by Sitecore when URL’s are generated, and ensures that when a fully qualified URL is generated, the URL is prefixed with https://

<site name="website" 
      ... ... 


The site as configured now will still serve pages using the HTTP protocol. But any cookies will not be persisted unless we use the proper domain and proper scheme. So you need to redirect any HTTP request to HTTPS. This is always a fun coding project, but can also be achieved by configuring the load balancer, or using the IIS URL Rewrite Module.



Posted in Sitecore 6, Sitecore 7, Sitecore 8 | Tagged , , | Leave a comment

Sitecore Hiding items: Clean up the cluttered content tree

As a followup to a question from Derek Dysart on my previous post, How to make the experience editor a great experience for your editors I will explain how you can clean up the Sitecore content tree by hiding system items.

A common system item is the “components” (or whatever you call it) folder containing the data sources for components belonging to a certain content item. This folder is usually placed below your content item. The folder have no presentation, no URL, and does only exist because we like to build pages from many data sources in order to be able to personalize every component of a page.

Components Folder

A Components folder below the content item

This is not something the editors should see. Their tree should only contain the actual contents of the website.

A tree containing content only

A tree containing content only

All you have to do to is to select the “components” folder on your master, go to the “Configure” tab and select “Hide item“:

Hide Item

Hide Item

When the item is hidden, the button text changes:

Hidden Item

Hidden Item

Hiding items does only mean that the item is gone from the content tree. The item is still fully available from Sitecore, and also from the Experience Editor:

Hidden folder visible in the Experience Editor

Hidden folder visible in the Experience Editor

Also, as an administrator you can still see the item, provided you check the “Hidden Items” on the “View” tab:

View Hidden Items Enabled

View Hidden Items Enabled


Posted in Sitecore 6, Sitecore 7, Sitecore 8 | Tagged , , , | 2 Comments

Sitecore how to make the experience editor a great experience for your editors

In Sitecore it is very easy to toss in a few renderings on a page, set the renderings flag to “editable”, and voila, the page is editable using the Sitecore Experience Editor.
But that kind of laziness often ends up being a pain for the people using the Experience Editor. Just image that it is you who gets this screen when selecting a rendering:

Select a Rendering - the bad way

Select a Rendering – hmm what to choose?

Wouldn’t you prefer a screen like this:

Select a rendering - the better way

Select a rendering – with images and translated text

Stuff like this takes more time that knowledge to do. So here is a quick guide on how to set up Sitecore so your renderings are presented properly in the experience editor.



I still use sublayouts, the webform (.ascx) based renderings, but the techniques are the same for MVC based renderings. I will use the term “rendering” to cover both technologies.


First of all, you need to set a display title for your renderings, as this is what Sitecore displays below the image. Remember that the language used for the display title is not the language you are editing, but the language in which Sitecore is running – exactly the opposite of what the Sitecore Shell does.

A rendering with a display title

All renderings with a display title, here in Danish


In my project I save all data sources in a hidden folder below my item. This means that they are not shareable between items. A small trade off for a better overview of which components are placed on the page (this is only half the truth – some renderings are in fact shared but for the most part they are not. You should carefully decide what content is shareable and what is not). Setting up the data source location is done using a Sitecore query pointing to the folder below the current item:

Datasource Location and Template

Datasource Location and Template

When the user is seeing the “Select the Associated Content” window, only the components on the page is displayed. Also note that I have given each of my templates their own icon. This helps also.

Select the Associated Content

Select the Associated Content window


The field for the image shown in the “Select a Rendering” window is hidden in the appearance section of Sitecore, so you must enable the “Standard Fields” to find it. It is the field called “Thumbnail“.
Now, I know that the field have a “Take screenshot” function, the thumbnail is only 128×128 pixels, making a screenshot very small. I always make a stylized image, upload it to the media library in my own “System” folder and use that instead.



When moving the rendering to production you must remember to include the image in your package.



The template needs to be user friendly too. Here is what you can do:


Sitecore contains 16.000+ icons, and yes, none of these match your needs. However, spend a few minutes to see if you can find an icon that matches as close as possible. The icon is presented in the “Select the Associated Content” window so although it is not the most important part of your user experience, it is cheap to implement.

Templates with icons

Templates with icons


Remember to set a title for your field. My field names are namespaced and rather technical. The user should not be aware of my strange naming. Use the field “Title” and again, remember that it is the language of the Sitecore instance that is displayed, not the language of your content – the exact opposite of what the Sitecore Shell does.

Editing the title

Editing the title – here with a translated text for the field



Setting up the renderings for the experience editor requires more time than knowledge. Be lazy and the end user will hate you. Be thorough and your end user will love you.


Posted in Sitecore 7, Sitecore 8 | Tagged , | 6 Comments

Sitecore Failed to update profile pattern

My Sitecore CD servers logged the following errors 2-3 times per minute:

7760 11:10:46 ERROR Failed to update profile pattern
Exception: System.ArgumentNullException
Message: Value cannot be null.
Parameter name: item
Source: Sitecore.Kernel
at Sitecore.Diagnostics.Assert.ArgumentNotNull(Object argument, String argumentName)
at Sitecore.Analytics.Data.Items.ItemRecords`1.<GetDescendants>d__8.MoveNext()
at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()
at Sitecore.Analytics.Data.Items.ProfileItem.get_MappedPatterns()
at Sitecore.Analytics.Data.Items.ProfileItem.MatchPattern(IProfileData profile, IPatternDistance distance)
at Sitecore.Analytics.Tracking.Profile.UpdatePattern()

The error occurs because the editors who set up the profile and pattern cards on the solution accidentally renamed the Pattern Cards folder:

Profile and Pattern Cards

Profile and Pattern Cards

Do not rename the folder names. Sitecore uses the names to find the cards. Instead, change the Display Name if the name of the folder does not suit you.


Posted in Sitecore 8 | Tagged , , , | Leave a comment

Get Sitecore System Info

Would you like to know the System Info of your current Sitecore instance:

Sitecore System Info

Sitecore System Info

It’s fairly easy. I created an SysInfo.aspx page and dumped in into the /sitecore modules/shell folder. The page is now available on the URL <yourwebsite>/sitecore modules/shell/sysinfo.aspx.

The top info is retrieved directly from Sitecore using the Sitecore.Configuration.About.ToHtml() method. The rest is retrieved from the Sitecore Configuration:

<%@ Page Language="c#" EnableEventValidation="false" AutoEventWireup="true" EnableViewState="false" %>
<%@ Import Namespace="System.IO" %>
<%@ Import Namespace="System.Security.Principal" %>
<%@ Import Namespace="System.Threading" %>

<script runat="server">
  void Page_Init(object sender, System.EventArgs e)

  void Page_Load(object sender, System.EventArgs e)
    Response.Buffer = false;
    Response.BufferOutput = false;

<!DOCTYPE html>
<html xmlns="">
<head runat="server">
  <title>System Info</title>
  <form id="MainForm" runat="server"></form>
  <%# Sitecore.Configuration.About.ToHtml() %><br />
  <br />
      <td>Instance name</td>
      <td><%# Sitecore.Configuration.Settings.InstanceName %></td>
      <td>Data Folder</td>
      <td><%# Sitecore.Configuration.Settings.DataFolder %></td>
      <td>Log folder</td>
      <td><%# Sitecore.Configuration.Settings.LogFolder %></td>
      <td>Temp folder</td>
      <td><%# Sitecore.Configuration.Settings.TempFolderPath %></td>
      <td>Version file</td>
      <td><%# Sitecore.Configuration.Settings.VersionFilePath %> <%# File.Exists(Sitecore.Configuration.Settings.VersionFilePath) ? "found" : "Not found" %></td>
      <td>License file</td>
      <td><%# Sitecore.Configuration.Settings.LicenseFile %> <%# File.Exists(Sitecore.Configuration.Settings.LicenseFile) ? "found" : "Not found" %></td>
      <td>Analytics enabled</td>
      <td><%# Sitecore.Configuration.Settings.Analytics.Enabled %></td>
      <td>License ID</td>
      <td><%# Sitecore.SecurityModel.License.License.LicenseID %></td>
      <td>Sitecore.xDB.Base is present</td>
      <td><%# Sitecore.SecurityModel.License.License.HasModule("Sitecore.xDB.Base") %></td>
      <td>xDB enabled</td>
      <td><%# Sitecore.Configuration.Settings.GetBoolSetting("Xdb.Enabled", true) %></td>
  <hr />
  <%# System.Web.Helpers.ServerInfo.GetHtml() %>

To top it off I also added a call to System.Web.Helpers.ServerInfo.GetHtml() to get the .ASP Net info:

.ASP Net Server Info

.ASP Net Server Info



Please be aware that the information on a page like this is highly classified and is pure candy for any hacker. So make sure that the page is not available from outside, or at least protected by security of some kind.

I always protect pages like this using Declarative security as described in this blog post: Using Declarative Security in Sitecore. Even if the page is not available from the web.


Posted in c#, General .NET, Sitecore 5, Sitecore 6, Sitecore 7, Sitecore 8 | Tagged , | Leave a comment

Sitecore MongoDB – What do we know about a contact?

The Sitecore Analytics can be somewhat of a black box. All we know is that Sitecore stores everything about a site visitor in a Contact object and stuffs it into MongoDB when the visitor session expires.

A while ago my colleague Lasse Pedersen gave me the following scripts to be executed in RoboMongo to debug and see what Sitecore does know about my contact. The script is especially useful when working with named contacts. Replace the IDENTIFIER_NAME with the name of your contact and run it inside RoboMongo:

identifier = db.Identifiers.findOne({_id: /IDENTIFIER_NAME/i});
contact = db.Contacts.findOne({_id:});
classifications = db.ClassificationsMap.findOne({_id: contact._id });
userAgents = db.UserAgents.find({_id:{$in: classifications.Classificators.UserAgents}});
devices = db.Devices.find({LastKnownContactId: contact._id});
interactions = db.Interactions.find({ContactId: contact._id});

So what does the scripts return?


Contact Identifier

Contact Identifier

This is just the identifier information.


Contact Contact

Contact Contact

This is the complete Contact object, including all the Contact Facets that you have added yourself.


Contact Classifications

Contact Classifications

This is the data that helps Sitecore identify if the current contact is a human or a robot.


Contact Useragents

Contact Useragents

Here you will find the reference to the user agent data, and the information as to whether the contact was indeed identified as a human or a robot.


Contact Devices

Contact Devices

A device is essential the cookie that was used when the user interacted with the website. Sitecore will use these data to merge contacts as it links one Contact to every device used.


Contact Interactions

Contact Interactions

This is each interaction that the contact have had with the website.


Posted in Sitecore 8 | Leave a comment

Send email via SparkPost and C#

SparkPost is yet another email service. It is easy to work with, seems robust, and it will be fairly easy on your client’s budget, as you get 100.000 emails per month for free (as per jan 2017).

A SparkPost email is set up using a template where you specify replacement tokens using a {{tokenname}} syntax:

Sparkpost Template with token replacements

Sparkpost Template with token replacements

Sending an email is done by calling the SparkPost API endpoint. You submit a JSON document containing the recipient email address plus the replacement tokens of your choice.

So let’s send an email.

First I will create a class that can generate the JSON string containing the data to send to SparkPost. The real coder would create objects that get serialized, but for this example, a StringBuilder will do the trick. To send an email we need at least a template name (the name of the SparkPost template), a campaignID (when tracking the emails afterwards) and an email address. The rest is dynamic data (and there is much more to do than just replacing strings but let’s keep it simple):

public byte[] CreateJsonBody(string templateName, string campaignID, string email, string firstName, string lastName)
  StringBuilder sb = new StringBuilder();
  sb.AppendFormat(@"  ""campaign_id"": ""{0}"",", campaignID);
  sb.Append(@"  ""recipients"": [");
  sb.Append(@"    {");
  sb.AppendFormat(@"      ""address"": ""{0}"",", email);
  sb.Append(@"      ""substitution_data"": {");
  sb.AppendFormat(@"        ""email"": ""{0}"",", email);
  sb.AppendFormat(@"        ""firstname"": ""{0}"",", firstName);
  sb.AppendFormat(@"        ""lastname"": ""{0}""", lastName);
  sb.Append(@"      }");
  sb.Append(@"    }");
  sb.Append(@"  ],");
  sb.Append(@"  ""content"": {");
  sb.AppendFormat(@"    ""template_id"": ""{0}""", templateName);
  sb.Append(@"  }");

  byte[] body = Encoding.UTF8.GetBytes(sb.ToString());
  return body;

Next step is to create a Service that will post the data to the SparkPost service:

using System;
using System.IO;
using System.Net;
using System.Text;

namespace MyNamespace
  public class SparkPostService
    private readonly string _SPARKPOSTURL = "";
    private readonly string _sparkPostAuthorizationKey;

    public SparkPostService(string sparkPostAuthorizationKey)
      _sparkPostAuthorizationKey = sparkPostAuthorizationKey;

    public string SendEmail(byte[] jsonBody, out string contentType)
        HttpWebRequest webRequest = (HttpWebRequest)WebRequest.Create(_SPARKPOSTURL);

        webRequest.KeepAlive = false;
        webRequest.ServicePoint.ConnectionLimit = 24;
        webRequest.Headers.Add("UserAgent", "MyUserAgent");
        webRequest.ProtocolVersion = HttpVersion.Version10;

        ServicePointManager.ServerCertificateValidationCallback = delegate { return true; };
        ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls12 | SecurityProtocolType.Ssl3;

        webRequest.ContentType = "application/json";
        webRequest.Accept = "application/json";
        webRequest.Headers.Add("Authorization", _sparkPostAuthorizationKey);
        webRequest.Method = WebRequestMethods.Http.Post;
        webRequest.ContentLength = jsonBody.Length;
        Stream dataStream = webRequest.GetRequestStream();
        dataStream.Write(jsonBody, 0, jsonBody.Length);
        byte[] bytes;
        using (WebResponse webResponse = webRequest.GetResponse())
          contentType = webResponse.ContentType;
          using (Stream stream = webResponse.GetResponseStream())
            using (MemoryStream memoryStream = new MemoryStream())
              byte[] buffer = new byte[0x1000];
              int bytesRead;
              while ((bytesRead = stream.Read(buffer, 0, buffer.Length)) > 0)
                memoryStream.Write(buffer, 0, bytesRead);
              bytes = memoryStream.ToArray();
        return Encoding.UTF8.GetString(bytes);
      catch (Exception ex)
        throw new Exception(GetType() + "Failed to retrieve data from '" + _SPARKPOSTURL + "': " + ex.Message, ex);


To send an email I can now do the following:

string sparkPostKey = (found in SparkPost);
string contentType;

SparkPostService service = new SparkPostService(sparkPostKey);
string result = service.SendEmail(CreateJsonBody("my-first-email", "myCampaign", "", "Brian", "Pedersen"), out contentType);

The SparkPost authorization key is created inside SparkPost.

SparkPost will now send an email where my name and email is substituted:

Sparkpost Email

Sparkpost Email


Posted in c#, General .NET | Tagged , | Leave a comment

Sitecore custom cache that is cleared on publish

In this article I will demonstrate how to create a custom Sitecore cache and how to ensure that it is cleared when you publish.

First I will create the simplest custom cache available:

namespace MyNamespace
  public class MyCustomCache : CustomCache
    public MyCustomCache(string name, long maxSize) : base("MyCustomCache." + name, maxSize)

    public string Get(string cacheKey)
      return GetString(cacheKey);

    public void Set(string cacheKey, string value)
      SetString(cacheKey, value);

The cache is instantiated with a name, meaning that you can use the class to create more than one cache, as long as you remember to give each instance its own name.

The cache contains a string as key and returns a string as value. It is used like this (pseudocode):

// Instantiation, set up an 1MB cache
private MyCustomCache myCustomCache = new MyCustomCache("CacheName", StringUtil.ParseSizeString("1MB"));

// Get value from cache
string myValue = myCustomCache.Get(myKey);

// Set value in cache
myCustomCache.Set(myKey, myValue);

To clear the cache on publish, we need to set up an event handler on either publish:end and publish:end:remote or publish:complete and publish:complete:remote.

There is a little confusion as to when in the publish pipeline these events are fired. In previous versions (prior to Sitecore 7.2), publish:end and publish:end:remote was fired for each language and each target, and publish:complete and publish:complete:remote was fired when the publish job was done. But in later versions, publish:end and publish:end:remote is also only fired once.

The :remote events (publish:end:remote and publish:complete:remote) is fired on your remote (i.e. CD servers) by the way.

Enough talk, lets code the cache clearer. First I will set up the 2 new events on publish:end and publish:end:remote:

  <event name="publish:end">
    <handler type="MyNamespace.MyCacheClearer, Mydll" method="ClearCaches">
      <caches hint="list">
  <event name="publish:end:remote">
    <handler type="MyNamespace.MyCacheClearer, Mydll" method="ClearCaches">
      <caches hint="list">

The events will now call the method ClearCaches on the Mynamespace.MyCacheClearer class:

namespace MyNamespace
  public class MyCacheClearer 
    public void ClearCaches(object sender, EventArgs args)
      Assert.ArgumentNotNull(sender, "sender");
      Assert.ArgumentNotNull(args, "args");
      catch (Exception ex)
        Log.Error(this + ": " + ex, ex, this);

    private void DoClear()
      foreach (string cacheName in Caches)
        Cache cache = CacheManager.FindCacheByName(cacheName);
        if (cache == null)
        Log.Info(this + ". Clearing " + cache.Count + " items from " + cacheName, this);

    private readonly ArrayList _caches = new ArrayList();
    public ArrayList Caches
        return this._caches;

The DoClear() method uses the <caches> list from the configuration to find which caches to clear. You should write the names of each of the caches to be cleared in the configuration.


The caches are first created when instantiated and the first element is added. That is why it is not available in the /sitecore/admin/cache.aspx administration tool on Sitecore startup.



Posted in c#, General .NET, Sitecore 6, Sitecore 7, Sitecore 8 | Tagged , , , , , , , | Leave a comment

Sitecore General error when submitting contact – Another contact with the same identifier already exists

In Sitecore when creating your own contacts you can get the following exception:

10604 10:16:27 ERROR General error when submitting contact.
Exception: System.InvalidOperationException
Message: Another contact with the same identifier already exists.
Source: Sitecore.Analytics.MongoDB
   at Sitecore.Analytics.Data.DataAccess.MongoDb.MongoDbDataAdapterProvider.SaveContactWithIdentifier(IContact contact, ContactSaveOptions saveOptions)
   at Sitecore.Analytics.Data.DataAccess.MongoDb.MongoDbDataAdapterProvider.<>c__DisplayClass9.<SaveContact>b__7()
   at Sitecore.Analytics.Data.DataAccess.MongoDb.MongoDbDataAdapterProvider.Try(Action action)
   at Sitecore.Analytics.Data.DataAccess.MongoDb.MongoDbDataAdapterProvider.SaveContact(IContact contact, ContactSaveOptions saveOptions)
   at Sitecore.Analytics.Data.ContactRepository.SaveContact(Contact contact, ContactSaveOptions options)
   at Sitecore.Analytics.Tracking.ContactManager.SubmitContact(Contact contact, ContactSaveOptions options, Contact& realContact)

The error can occur if you try to flush a contact with a new contact ID but with an existing identifier. It usually is a result of Sitecore having a mismatch between what the ContactRepository and the MongoDB contains.

This pseudocode explains the situation:

ContactRepository contactRepository = Factory.CreateObject("tracking/contactRepository", true) as ContactRepository;
ContactManager contactManager = Factory.CreateObject("tracking/contactManager", true) as ContactManager;
// Contact is loaded from repository but repository cannot find it
Contact contact = contactRepository.LoadContactReadOnly(username);
// ... so we try to create it
if (contact == null)
  // Contact is created in memory
  contact = contactRepository.CreateContact(ID.NewID);
 contact.Identifiers.Identifier = username;
  // And we try to write it to xDB (MongoDB)
  // but the contact is already there. 

The problem arises as the FlushContactToXdb does not throw an exception, so you are left with the impression that the Contact is created and everything is fine.

If you are using the ExtendedContactRepository as I described in the blog post Sitecore Contacts – Create and save contacts to and from xDB (MongoDB), you risk that the GetOrCreateContact method goes in an infinite loop because:

  1. We try to load the contact, but the contact is not found
  2. We Create a new contact
  3. We flush the contact, but the flush method fails silently
  4. We call step 1

To avoid the infinite loop, please see Dan’s suggestion to how to solve it:

Or you can add a retry counter in the class.

Add the following 2 lines to the class:

private const int _MAX_RETRIES = 10;
private int _retries;

Then modify the private method GetOrCreateContact:

private Contact GetOrCreateContact(string username, LockAttemptResult<Contact> lockAttempt, ContactRepository contactRepository, ContactManager contactManager)
  switch (lockAttempt.Status)
	case LockAttemptStatus.Success:
	  Contact lockedContact = lockAttempt.Object;
	  lockedContact.ContactSaveMode = ContactSaveMode.AlwaysSave;
	  return lockedContact;

	case LockAttemptStatus.NotFound:
	  Contact createdContact = CreateContact(username, contactRepository);
	  Log.Info(string.Format("{0}: Flushing contact '{1}' (contact ID '{2}') to xDB.", GetType().Name, createdContact.Identifiers.Identifier, createdContact.ContactId), this);

	  // NEW CODE: Check for retries, and throw an exception if retry count is reached
	  if (_retries >= _MAX_RETRIES)
		throw new Exception(string.Format("ExtendedContactRepository: Contact {0} could not be created. ", username));

	  return GetOrCreateContact(username);

	  throw new Exception("ExtendedContactRepository: Contact could not be locked - " + username);

This is still experimental code, but as described before, so is the ExtendedContactRepository.



Posted in .net, c#, General .NET, Sitecore 8 | Tagged , , , , , | 1 Comment

Sitecore Scheduled Tasks – Run on certain server instance

If you would like certain Sitecore Scheduled Tasks run on a certain server instance (your CM server for example) the approach is pretty simple.

First, create a new folder under /sitecore/system/Tasks. I have a new folder called “CMSchedules“. Place your Scheduled Tasks in this folder.

Scheduled Tasks in separate folder

Scheduled Tasks in separate folder

Then tell Sitecore to execute these tasks. Place the following configuration on the instance you wish should run these tasks. Do not place the configuration on servers that should not run the tasks.

You need to patch the Sitecore.config (for Sitecore 8.1 and up) or web.config (for versions prior to Sitecore 8.1). Add the following to the /sitecore/scheduling section:

<agent type="Sitecore.Tasks.DatabaseAgent" method="Run" interval="00:05:00">
  <param desc="database">master</param>
  <param desc="schedule root">/sitecore/system/Tasks/CMSchedules</param>

The configuration tells Sitecore to execute all tasks in the /sitecore/system/Tasks/CMSchedules every 5 minutes.



Posted in Sitecore 5, Sitecore 6, Sitecore 7, Sitecore 8 | Tagged , | 3 Comments