Auto redirect http to https

  • Thread starter Thread starter John Kotuby
  • Start date Start date
J

John Kotuby

Hi all,
I hope this is the right forum for this question as I am having difficulty
with SSL and an ASP.NET 3.5 website. I could not seem to find an appropriate
forum on Social MSDN either.

I have deployed an ASP.NET 3.5 application to a Windows 2003 IIS6 server.
There are 10 domains and 15 separate websites, most sharing the same IP
address. Also the PLESK control panel is used to create the new
domains/websites.

The SSL cert is installed proerly and working fine.

When someone types in the domain name with HTTP instead of HTTPS, I want the
request to be redirected to the HTTPS site.

I have tried changing code in the Global.asax such as...
========
Sub Application_BeginRequest(ByVal sender As Object, ByVal e As EventArgs)
If (HttpContext.Current.Request.IsSecureConnection.Equals(False)) Then
Response.Redirect("https://" + Request.ServerVariables("HTTP_HOST") +
HttpContext.Current.Request.RawUrl)
End If
End Sub
=======
THe code appears to run in the VS debugger but doesn't help. I still get...
=======
The page must be viewed over a secure channel
The page you are trying to access is secured with Secure Sockets Layer
(SSL).



Please try the following:
Type https:// at the beginning of the address you are attempting to reach
and press ENTER.
HTTP Error 403.4 - Forbidden: SSL is required to view this resource.
Internet Information Services (IIS)
=========

I also tried in IIS Manger, in the properties page for the website, to
redirect the URL on the Home tab to https://domain.com. But that didn't work
either.

It appears that the request is denied at a higher lever somehow.

I am at a loss...as I see this behavior is handled properly on most Linux
servers. Whay can't I get it to work on a Windows 2003 server?

Thanks for any help...
 
Brian Thanks!!!

Your "guess" was excellent.
In IIS Manager in the "Directory Security" tab I clicked "Edit" under
"Secure communications".
Then I unchecked the box "Require secure channel(SSL)".

Now the redirection in the Global.asax seems to be working just fine.

I will need to test the site more thoroughly, but it looks like everything
is running fine.

Thanks again and have a great day!

John
 
Back
Top