One more cookbook for redirecting http to https in IIS

First, credit to Michael at this site:

ok, now for my cookbook description.
to secure a whole website.
in iis mmc, properties of website, directory security, secure communications,
click the ‘Require secure channel, require 128-bit encryption’.

now in c:\inetpub\wwwroot, make a nonssl directory in windows explorer.
now in iis mcc, make a virtual directory and point to the
c:\inetpub\wwwroot\nonssl directory.

in iis mmc, right click the new virtual nonssl directory.
goto directory security, secure communications, and uncheck require secure channel.

Drop a file named sslredirect.asp into this directory. Put the following script into it.

< % If Request.ServerVariables("SERVER_PORT")=80 Then Dim strQUERY_STRING Dim strSecureURL Dim strWork ' Get server variables strQUERY_STRING = Request.ServerVariables("QUERY_STRING") ' Fix the query string: strWork = Replace(strQUERY_STRING,"http","https") strWork = Replace(strWork,"403;","") strWork = Replace(strWork,"80","") ' Now, set the new, secure URL: strSecureURL = strWork 'response.write(strSecureURL) ' uncomment for sanity check. Response.Redirect strSecureURL End If %>

Goto iis mmc website properties, custom errors, 403;4.
Switch it to URL and location of:

6. done.

Some good resources:

This entry was posted in Tips. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *