HTTP to HTTPS Redirect - IIS 8.5 not working properly

Question

I've read a number of posts here on SO as well as on the 'net (IIS blogs, etc.). I'm trying to force all connections going from domain.com to www.domain.com and at the same time forcing the request from HTTP to HTTPS.

I'm using this set of rules and rewrites but the only thing happening is that it's redirecting fine but not redirecting to SSL.

<!-- Redirect to HTTPS -->
<rewrite>
    <rules>
        <rule name="Redirect to www" stopProcessing="true">
            <match url="(.*)" />
            <conditions trackAllCaptures="false">
                <add input="{HTTP_HOST}" matchType="Pattern" pattern="^mydomain.com$" ignoreCase="true" negate="false" />
            </conditions>
            <action type="Redirect" url="{MapProtocol:{HTTPS}}://www.mydomain.com/{R:1}" />
        </rule>
    </rules>
    <rewriteMaps>
        <rewriteMap name="MapProtocol" defaultValue="http">
          <add key="on" value="https" />
          <add key="off" value="http" />
        </rewriteMap>
    </rewriteMaps>
</rewrite>

What am I doing wrong?

Main blog reference: http://weblogs.asp.net/owscott/url-rewrite-protocol-http-https-in-the-action and this SO post - web.config redirect non-www to www

apart from mistakes in the config, don't forget to do your experiments in an Incognito window in Chrome or your 301 redirects will be cached. You will need to close and start a new incognito window every time yo utry a new one. — CAD bloke, Oct 11 '16 at 09:04

Mukesh Santhanam · Answer 1 · 2017-03-04T06:05:49.937

17

We faced same issue while redirecting from http to https using URL Rewrite module, But after switching off the require ssl module within IIS did the trick.

Go to SSL Settings of website
Uncheck require SSL checkbox.
Apply settings and Restart iis

edited Mar 04 '17 at 06:05

answered Mar 03 '17 at 21:12

Mukesh Santhanam

195
1
7

This was the issue for me – Asiri Dissanayaka Jun 27 '20 at 15:49
This solved it. Thanks! – user3746480 Apr 26 '22 at 15:40

score 14 · Answer 2 · answered Jun 12 '18 at 23:54

14

This is a long shot for some cases but I had deleted my port 80 bindings for the website as I only wanted SSL / port 443. So from what I can tell is Port 80 binding is also needed for the the rewrite to work correctly.

answered Jun 12 '18 at 23:54

Enkode

4,515
4
35
50

1

this worked for me. I published my site using another http port 2021 and deleted default 80 port binding for http. adding it back worked for me. – Atiq Baqi Dec 30 '20 at 05:07
1

This also worked for me because i was just using 443 ports for my www.domain.com and domain.com.I did not know where the problem was , i tried to bind port 80 to the domain.com it worked !! You saved my day , man!! – Doktor Jan 26 '23 at 11:31
This worked for me. I deleted port 80 earlier as I wanted only https. – Savas Karaduman Mar 14 '23 at 21:28

score 13 · Accepted Answer · answered May 29 '15 at 16:25

Edit: So I found this blog post: http://www.meltedbutter.net/wp/?p=231 and gave it a try and voila! Worked like a charm. Not sure why this worked over the rules posted above but in my case the below is working and successfully taking all non-www traffic and redirecting it to both www and https.

<!-- Redirect to HTTPS -->
        <rewrite>
            <rules>
                <rule name="http to https" stopProcessing="true">
                    <match url="(.*)" />
                    <conditions>
                        <add input="{HTTPS}" pattern="^OFF$" />
                    </conditions>
                    <action type="Redirect" url="https://www.domain.com/{R:1}" redirectType="SeeOther" />
                </rule>
            </rules>
        </rewrite>

`redirectType="seeOther"` is the solution. Its ruined my day. — Ghasem Pahlavan, Jul 10 '17 at 11:24

score 3 · Answer 4 · answered Jun 12 '22 at 06:06

In my case, I did everything @Valien said and lots of other tries but it did not work. finally I found the problem. It was because I was using 2 rules. First rule was rewriting to NodeJs server and the second to redirect http to https. I changed the order and now it is working correctly.

The config with the correct order in case more than 1 rule is applied:

<rewrite>
     <rules>
           <rule name="http to https" stopProcessing="true">
                    <match url="(.*)" />
                    <conditions>
                        <add input="{HTTPS}" pattern="^OFF$" />
                    </conditions>
                    <action type="Redirect" url="https://mywebsite.com/{R:1}" redirectType="SeeOther" />
           </rule>
           <rule name="ReverseProxyToLocalhost:3000" stopProcessing="true">
                    <match url="(.*)" />
                    <action type="Rewrite" url="http://localhost:3000/{R:1}" />
           </rule>
      </rules>
 </rewrite>

i am pulling may hair for days, who would thought the order of rules matters. thank you very much!!! `[+1]` — kapitan, Jan 17 '23 at 12:20

HTTP to HTTPS Redirect - IIS 8.5 not working properly

4 Answers4

Linked