Re: Getting default of https:// instead of http://
From: onelikeseabass (joshua.collins_at_gmail.com)
Date: 18 Jan 2005 08:53:22 -0800
This only works if the end user has "show friendly HTTP error messages"
turned OFF in IE. If they don't have it turned off, IE will give them a
locally generated error message and never even look at the custom
This is *not* an issue with Firefox/Netscape/any other non-IE browser.
David Wang [Msft] wrote:
> This is also a FAQ, so make good use of Google...
> Actually, you're asking the wrong question... You cannot force IIS
> https://www.mysite.com because IIS does not make the decision of what
> protocol to use on a given request.
> When someone types in www.mysite.com, the BROWSER/CLIENT CHOOSES a
> protocol, like http://, to prepend to the URL and make the request.
> What you CAN do is configure IIS to only accept SSL requests. Now,
> browser makes a http:// request, IIS will respond with a 403.4 custom
> telling the browser "this web page requires SSL". However, browsers
> just dumbly display that custom error... so what you have to do is
> the 403.4 custom error that IIS responds with to be a 302 redirection
> https:// (sorta like the web server telling the browser "hey you, I
> accept HTTP requests, but if you let me redirect you to this HTTPS
> can try that again" ).
> This is pretty easy to do -- create a ASP page that uses
> set it for the 403.4 custom error, and turn on "SSL-only" at the root
> your website.
> Now, if you also need vdirs that are NOT SSL-only, you obviously need
> configure them specifically to accept non-SSL requests (uncheck the
> accept SSL requests" option) and change their 403.4 custom error as
> This posting is provided "AS IS" with no warranties, and confers no
> "David" <firstname.lastname@example.org> wrote in message
> I am using SSL on the root of my web site. How can I force IIS to
> "https://www.mysite.com" instead of the default
> someone types in "www.mysite.com"
> Thanks in advance.
> David Johnson