[Jayman]

Does anyone know how to configure IIS 6 on Windows Server 2003 to automatically redirect to HTTPS when the client only enters HTTP for the URL?

I've got the portal up and running and I installed the certificate from VeriSign.

When I set-up the web site, I checked the 'Require Secure Channel (SSL)' when I installed the certificate.

I made the assumption that IIS would automatically force the redirect. This is not the case.

What happens is the user just gets a 403.4 error stating they have to use HTTPS.

So besides programmatically forcing the redirect, I don't want to have to do this, is there a configuration setting in IIS that will do it automatically?

[PsychoCoder]

• In IIS Manager, expand the local computer, right-click the Web site or directory you want to redirect, and click Properties.
  
• Click the Home Directory, Virtual Directory, or Directory tab.
  
• Under The content for this source should come from, click A redirection to a URL.
  
• In the Redirect to box, type the URL of the destination directory or Web site. For example, to redirect all requests for files in the Catalog directory to the NewCatalog directory, type /NewCatalog.

You could also try his suggestion or these steps

Hope one of those help

[Jayman]

Thanks, but I already came across those tips.

I cannot change the default 403.4 error page because we have multiple sites running and this will affect all of them. And the info from the MSDN only redirects to a different location, but doesn't change the protocol.

You'd think this would be built in functionality of IIS, but after spending all day looking for answers, I've got nothing, other than coding for it to redirect.

I'm thinking of just putting the site in a subdirectory and only having a default.aspx page in the root of the web site. When the default.aspx loads, it does nothing more than redirect to HTTPS.

Seems like that requires the least amount of change and should work. Thoughts?

[PsychoCoder]

Another option is to create a separate site (which the users will go to if they type in your url) then have a single file for that site, if you want an HTML file just have this in the page

<meta http-equiv="Refresh" content="0;URL=https://www.example.com" /

Or an ASP.NET page with

Response.Redirect("https://www.example.com");

EDIT: Jaymay Here's something that may work for you as well.

[Jayman]

That last link you provided might just do the trick. I will try it when I get back to work next week.

Thanks, Richard.

[PsychoCoder]

No problem (I spent a lot of time last night trying to find a resolution as it's an intriguing issue).

[no2pencil]

If the only website that you are wishing to host is this single one, could you just forward port 80 requests to port 443 on the router?