Tuesday, April 12, 2011

IIS 7.5 Redirect HTTP to HTTPS

Recently we deployed a secure website that needed to automatically redirect HTTP traffic to HTTPS. This is quite easy to do if the site is published using Microsoft ISA / TMG but as this was a hosted product on a third party Firewall we needed to do the redirect using IIS only.

The site was running on IIS 7.5 and we performed the following steps:

1. Open the IIS Management Console, Click on the site in question and then double-click on SSL settings.


2. Tick the ‘Require SSL’ Box


3. Go back to the IIS Management Console and double-click on the IIS Error Pages icon. Not the .Net Error pages… as shown in the screen clipping below.


4. Double-Click the 403 error and in the dialog box that opens select respond with a 302 redirect and then enter the https://urlname that it needs to redirect to.


5. Click OK and your HTTP site will now automatically redirect to HTTPS


No comments: