IIS problems http to https redirection

**cheredenine** · 25th February 2009, 12:38 PM

Right. We have Serco Facility and ePortal. I've got external accss up and running, using a reverse proxy sorted out by county. I've got IIS set up so that requests to http://school.LEA.org.uk go straight to the ePortal folder. What I'm trying to do now is set things up so that, not only is SSL required, but users are redirected to an SSL version of sPortal automatically.

Can i get this to work? No i can't.

I've tried creating a custom asp or html pages containing either redirection code gleened from various sources, set these as the error page for the http 403.4 error as advised, and set SSL access only on the relevant websites.

At best I get a 401 (page not found error); at worst I see actual asp code displayed on screen and not parsed correctly.

Currently I'm trying a htm page with javascript to redirect. Accessing eportal with http://servername gets me the 401 page (doing this without the SSL/redirection set up gets me to http://servername/eportal fine).

Any clues? Obviously i want SSL setup and working before we start letting anyone access from offsite..

**jamesb** · 25th February 2009, 12:45 PM

Originally Posted by cheredenine

Right. We have Serco Facility and ePortal. I've got external accss up and running, using a reverse proxy sorted out by county. I've got IIS set up so that requests to OpenDNS go straight to the ePortal folder. What I'm trying to do now is set things up so that, not only is SSL required, but users are redirected to an SSL version of sPortal automatically.

Can i get this to work? No i can't.

I've tried creating a custom asp or html pages containing either redirection code gleened from various sources, set these as the error page for the http 403.4 error as advised, and set SSL access only on the relevant websites.

At best I get a 401 (page not found error); at worst I see actual asp code displayed on screen and not parsed correctly.

Currently I'm trying a htm page with javascript to redirect. Accessing eportal with EduGeek.net gets me the 401 page (doing this without the SSL/redirection set up gets me to http://servername/eportal fine).

Any clues? Obviously i want SSL setup and working before we start letting anyone access from offsite..

401 isn't a page not found error, that'd be 404. Usually 401 is to do with authentication.

The HTTP status codes in IIS 7.0 - IIS HTTP status errors.

If you're getting the 401 error, check the authentication methods you're permitting.

**cheredenine** · 25th February 2009, 12:55 PM

My mistake its a 403 error - but i can't work out quite which one as it doesn't seem to match any of the template error pages on the server. All the template 403 errors on the server have the .xx number to specify the specific reason and theres one generic 403 page, but none seem to match what i'm getting..

**jamesb** · 25th February 2009, 01:02 PM

Originally Posted by cheredenine

My mistake its a 403 error - but i can't work out quite which one as it doesn't seem to match any of the template error pages on the server. All the template 403 errors on the server have the .xx number to specify the specific reason and theres one generic 403 page, but none seem to match what i'm getting..

If you check the IIS logs for the site it should give you the full error, including the substatus. It'll also tell you exactly what caused the error, since 403 describes some sort of forbidden action on the part of the client.

If its 403.4 then SSL is being required, and its forbidding access without it. 403.5 would be 128 bit SSL required.

Other possibilities which I can think of would be 403.7 (requires client certificate), 403.13 (client certificate has been revoked), or any of the others listed on the Microsoft KB article.

**cheredenine** · 25th February 2009, 01:38 PM

Right, from the IIS logs relevant to today and my test machine, i get a 403 error under the cs(User-Agent) heading, then a 4 under sc-status and a 5 under sc-substatus. Not sure if the latter two headings are linked to the first, but can't see anywhere else where a more detailed list of the error exists.

**jamesb** · 25th February 2009, 01:42 PM

By the looks of it in that case, your redirection page is requiring SSL. Since its not an SSL site, its then refusing to service the client's request.

On the plus side, your SSL is working.

**cheredenine** · 25th February 2009, 01:51 PM

Just went back to it, took another look, required SSL on the default website, switched the SSL requirement off for the redirect page and BAM! it works.

But, but, but... This is what i did before, i'm positive! I think it was just being difficult and playing hard to get until i was forced to ask questions about it online. Bloomin' thing.

Thanks for your help!

**Jay** · 27th February 2009, 06:14 PM

A better way would be to rewrite the custom error page to redirect, or (if the 403 error code permits a URL) simply send the user to the https page.

By turning off "Require SSL", users could remove the s from https and get unencrypted access (why they would I don't know, but they could).

J

LinkBack

Thread Tools

Search Thread

IIS problems http to https redirection

Similar Threads

Fix separate proxy login prompts for http and https on Safari?

Problems logging in with HTTPS - moodle

IIS Problems.

RDP over HTTP / HTTPS

Random Folder Redirection Problems

Thread Information

Users Browsing this Thread

Posting Permissions