|
Auto redirect http to https
Hi all,
I hope this is the right forum for this question as I am having difficulty with SSL and an ASP.NET 3.5 website. I could not seem to find an appropriate forum on Social MSDN either. I have deployed an ASP.NET 3.5 application to a Windows 2003 IIS6 server. There are 10 domains and 15 separate websites, most sharing the same IP address. Also the PLESK control panel is used to create the new domains/websites. The SSL cert is installed proerly and working fine. When someone types in the domain name with HTTP instead of HTTPS, I want the request to be redirected to the HTTPS site. I have tried changing code in the Global.asax such as... ======== Sub Application_BeginRequest(ByVal sender As Object, ByVal e As EventArgs) If (HttpContext.Current.Request.IsSecureConnection.Eq uals(False)) Then Response.Redirect("https://" + Request.ServerVariables("HTTP_HOST") + HttpContext.Current.Request.RawUrl) End If End Sub ======= THe code appears to run in the VS debugger but doesn't help. I still get... ======= The page must be viewed over a secure channel The page you are trying to access is secured with Secure Sockets Layer (SSL). Please try the following: Type https:// at the beginning of the address you are attempting to reach and press ENTER. HTTP Error 403.4 - Forbidden: SSL is required to view this resource. Internet Information Services (IIS) ========= I also tried in IIS Manger, in the properties page for the website, to redirect the URL on the Home tab to https://domain.com. But that didn't work either. It appears that the request is denied at a higher lever somehow. I am at a loss...as I see this behavior is handled properly on most Linux servers. Whay can't I get it to work on a Windows 2003 server? Thanks for any help... |
Re: Auto redirect http to https
Brian Thanks!!!
Your "guess" was excellent. In IIS Manager in the "Directory Security" tab I clicked "Edit" under "Secure communications". Then I unchecked the box "Require secure channel(SSL)". Now the redirection in the Global.asax seems to be working just fine. I will need to test the site more thoroughly, but it looks like everything is running fine. Thanks again and have a great day! John "Brian Cryer" <not.here@localhost> wrote in message news:e3Bt8t1JLHA.2276@TK2MSFTNGP06.phx.gbl... > "John Kotuby" <jkotuby75@comcast.net> wrote in message > news:eggxKO0JLHA.5424@TK2MSFTNGP04.phx.gbl... >> Hi all, >> I hope this is the right forum for this question as I am having >> difficulty with SSL and an ASP.NET 3.5 website. I could not seem to find >> an appropriate forum on Social MSDN either. >> >> I have deployed an ASP.NET 3.5 application to a Windows 2003 IIS6 server. >> There are 10 domains and 15 separate websites, most sharing the same IP >> address. Also the PLESK control panel is used to create the new >> domains/websites. >> >> The SSL cert is installed proerly and working fine. >> >> When someone types in the domain name with HTTP instead of HTTPS, I want >> the request to be redirected to the HTTPS site. >> >> I have tried changing code in the Global.asax such as... >> ======== >> Sub Application_BeginRequest(ByVal sender As Object, ByVal e As >> EventArgs) >> If (HttpContext.Current.Request.IsSecureConnection.Eq uals(False)) Then >> Response.Redirect("https://" + Request.ServerVariables("HTTP_HOST") + >> HttpContext.Current.Request.RawUrl) >> End If >> End Sub >> ======= >> THe code appears to run in the VS debugger but doesn't help. I still >> get... >> ======= >> The page must be viewed over a secure channel >> The page you are trying to access is secured with Secure Sockets Layer >> (SSL). >> >> >> >> Please try the following: >> Type https:// at the beginning of the address you are attempting to reach >> and press ENTER. >> HTTP Error 403.4 - Forbidden: SSL is required to view this resource. >> Internet Information Services (IIS) >> ========= >> >> I also tried in IIS Manger, in the properties page for the website, to >> redirect the URL on the Home tab to https://domain.com. But that didn't >> work either. >> >> It appears that the request is denied at a higher lever somehow. >> >> I am at a loss...as I see this behavior is handled properly on most Linux >> servers. Whay can't I get it to work on a Windows 2003 server? >> >> Thanks for any help... > > This is a guess, but I think the message "This page must be viewed over a > secure channel" is coming from IIS. If so then its probably producing the > message before/instead-of running your code, so my guess is that your > redirection in Global.asax from non-secure to secure isn't being reached. > > If this is the case then try changing the security in IIS to say that it > doesn't require SSL. (Clear the "Require secure channel (SSL)" check box.) > By clearing that option IIS will then let your site run secure or > non-secure. I suspect that your handler will then fire and redirect you > from non-secure to secure. > > Hope this helps. Please post back how you get on. > -- > Brian Cryer > http://www.cryer.co.uk/brian > > |
| All times are GMT. The time now is 02:36 AM. |
Powered by vBulletin®. Copyright ©2000 - 2013, vBulletin Solutions, Inc.
SEO by vBSEO ©2010, Crawlability, Inc.