Re: Getting default of https:// instead of http://

From: onelikeseabass (joshua.collins_at_gmail.com)
Date: 01/18/05

  • Next message: JOE Burgos: "Unable to start debugging on Web Server"
    Date: 18 Jan 2005 08:53:22 -0800
    
    

    This only works if the end user has "show friendly HTTP error messages"
    turned OFF in IE. If they don't have it turned off, IE will give them a
    locally generated error message and never even look at the custom
    403.4.

    This is *not* an issue with Firefox/Netscape/any other non-IE browser.

    David Wang [Msft] wrote:
    > This is also a FAQ, so make good use of Google...
    >
    > Actually, you're asking the wrong question... You cannot force IIS
    to use
    > https://www.mysite.com because IIS does not make the decision of what
    > protocol to use on a given request.
    >
    > When someone types in www.mysite.com, the BROWSER/CLIENT CHOOSES a
    default
    > protocol, like http://, to prepend to the URL and make the request.
    >
    > What you CAN do is configure IIS to only accept SSL requests. Now,
    when a
    > browser makes a http:// request, IIS will respond with a 403.4 custom
    error
    > telling the browser "this web page requires SSL". However, browsers
    will
    > just dumbly display that custom error... so what you have to do is
    change
    > the 403.4 custom error that IIS responds with to be a 302 redirection
    to
    > https:// (sorta like the web server telling the browser "hey you, I
    don't
    > accept HTTP requests, but if you let me redirect you to this HTTPS
    URL, we
    > can try that again" ).
    >
    > This is pretty easy to do -- create a ASP page that uses
    Response.Redirect ,
    > set it for the 403.4 custom error, and turn on "SSL-only" at the root
    of
    > your website.
    >
    > Now, if you also need vdirs that are NOT SSL-only, you obviously need
    to
    > configure them specifically to accept non-SSL requests (uncheck the
    "only
    > accept SSL requests" option) and change their 403.4 custom error as
    > appropriate.
    >
    > --
    > //David
    > IIS
    > This posting is provided "AS IS" with no warranties, and confers no
    rights.
    > //
    > "David" <anonymous@discussions.microsoft.com> wrote in message
    > news:52E16370-54EE-4732-80EF-CF20B0E0D58D@microsoft.com...
    > I am using SSL on the root of my web site. How can I force IIS to
    use
    > "https://www.mysite.com" instead of the default
    "http://www.mysite.com" when
    > someone types in "www.mysite.com"
    >
    > Thanks in advance.
    >
    > David Johnson


  • Next message: JOE Burgos: "Unable to start debugging on Web Server"