Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.

We strongly recommend that you develop and host your websites on servers with Full trust environment.

Medium trust environment is considered obsolete by Microsoft and will be abandoned in one of the following versions of Kentico. You can find more information on isolating applications on servers using application pools in this article: ASP.NET Partial Trust does not guarantee application isolation.

When you need to deploy Kentico to a medium trust live server, install Kentico on the server and then deploy your website to the installation:

  1. Deploy an already developed website to the medium trust server.

Installing Kentico on a server with medium trust

To install Kentico on a remote server with medium trust environment:

  1. Run the Kentico Installer on your local development computer.
  2. Check the license agreement and select the Custom installation option.
  3. Switch to the Installation type tab.
  4. Select the Prepare for installation on a remote server.
  5. Choose a folder for the project files (for example, C:\Temp\KenticoCMS).
    • The files will be only copied to this location.
  6. Select the .NET Framework version of the remote server.
    Image Removed
    Image Added

  7. Click Install.
  8. Copy the web project files from your local folder (C:\Temp\KenticoCMS) to the root of the website using FTP.
  9. Make sure the web.config file on your server contains the following value in the appSettings section (it specifies that the CMS should use the managed provider):

    Code Block
    <add key="CMSDirectoryProviderAssembly" value="CMS.DirectoryProviderDotNet" />

Kentico is now installed on your remote server with medium trust environment. Continue to the next section to deploy a developed website to the server.

Deploying a website to a server with medium trust

After you have installed Kentico on a live server, you can deploy an already developed website to the installation.

  1. Go to Site Manager -> Sites on your local development computer and click the Export site icon next to the site to be exported.
  2. Enter the name of the export package and click OK.
    • The site will be exported to the <web project>\CMSSiteUtils\Export folder.
  3. Copy the exported package into the <web project>\CMSSiteUtils\Import folder on the live server
  4. Open a web browser and navigate to the /default.aspx page of your live server.

  5. Go through the wizard and create a new Kentico CMS database on your live server.
    • At the end of the process, you will be asked to update your web.config file manually - please follow the instructions on the screen.
  6. At the end of the Database Setup Wizard, choose to import your existing Kentico CMS website (from the previously exported package).

After you have imported the site, you may need to adjust its configuration:

  1. Go to the Site Manager -> Sites section. Edit website properties and make sure the website domain and domain aliases are configured correctly for the production domain(s).
  2. Go to the Site Manager -> Settings and make sure your site settings contain correct values, especially the SMTP server value in the System -> E-mails section.
  3. Go to the Sites section. Click the Open live site icon next to your new site and make sure the website is displayed correctly.

Running the website in a medium trust environment

Once you've installed the website and configured its components (only necessary for some of them), the system should work under a medium trust level properly. Restart your IIS in order for the configuration changes to take effect and run the website.

If your website uses any third-party components that do not support a medium trust level by default, you may need to configure the system for them. In this case, please contact their author to get the information on how to perform the configuration required to run in a medium trust environment.


Configuring components for the medium trust environment

The .NET Framework provides a batch of predefined code access security policies, categorized into several trust levels, which determine the permissions available for applications running on the given machine.

The medium trust level is often used by web hosting providers on shared servers to prevent applications from accessing certain resources that could be harmful to other websites running on the server. Kentico CMS can be used with the default medium trust policy. To run the system under medium trust, you need to follow certain rules. These components require higher than medium trust and must be considered in this situation:

Components to consider when running under medium trust environmentConfiguring the components for medium trust (anchor links)
Staging module - ensures synchronization of content between production and live site servers.Staging (MS Web Services Extensions 3.0)
Bounced e-mail monitoring - this feature of the newsletters module tracks the amount of unsuccessfully delivered e-mails.Bounced e-mail monitoring

Staging (MS Web Services Extensions 3.0)

This section applies only if you're using the Staging module.

The Microsoft.Web.Services3.dll library from the Web Services Extensions 3 (WSE) package which is used by the Staging module requires Full trust permissions because of the low level operations related to the communication protocols. To ensure the proper functionality, the library needs to be registered in the Global Assembly Cache (GAC) of the server. The library is provided by Microsoft and most hosting providers pre-install it on their shared servers.

If you manage the server, please follow these steps:

1. Go to Control panel -> Administrative tools -> Microsoft .NET Framework 2.0 Configuration.

2. Select the Assembly cache, click on Add an Assembly to the Assembly Cache and select the bin\Microsoft.Web.Services3.dll library file from your web project.

3. Delete the bin\Microsoft.Web.Services3.dll file from your web project if it's present.

4. Make sure that your project web.config file contains the following item:

Code Block
  <compilation debug="false" numRecompilesBeforeAppRestart="100">
		<add assembly="Microsoft.Web.Services3, Version=, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />

If you are not able to install the library to the GAC or convince your web host to do so, you may still run Kentico CMS under medium trust, but you will not be able to use the Staging module. If this is the case, you will need to manually remove some of the system components by deleting the bin/Microsoft.Web.Services3.dll file from your web project if it is present.

After these changes, your system will work correctly in a medium trust environment but you will not be able to use content staging operations.

Bounced e-mail monitoring

This section is only relevant if you wish to use the bounced e-mails feature of the newsletters module in a medium trust environment.

To be able to check bounced e-mails, the newsletters module makes use of a component that creates outgoing network connections using POP3, a standard e‑mail protocol for receiving maildrops from an e-mail server. This component requires the SocketPermission for its operation, otherwise it fails when attempting to connect to the server. This permission is denied for applications under medium trust.

If you cannot raise the trust level or create a custom security policy that includes this permission, the only solution is to attempt to convince the hosting providers to grant the SocketPermission to your application. If you are unable to do so, the bounced e‑mail monitoring feature will unfortunately not be functional in a medium trust environment.