Redirect HTTP to HTTPS in Azure (With Load Balancer)

Question

We have 2 Web servers in Azure that are Load balanced. We just installed SSL in our these azure websites to convert it to HTTPS.

Now we want that any request coming in as HTTP should be changed/redirected to HTTPS connection.

So, I for testing I created a published website on my local machine, then added self signed SSL certificate to get a secure site. Then I used URL rewrite to direct my HTTP site to HTTPS. I used this in Web.config.

This works perfectly on my local published site.

But this fails on the Azure server and gives me an Internal Server Error.

Any ideas?

I used the following in Web.config for the URL rewrite

<rewrite>
    <rules>     
        <rule name="HTTP to HTTPS redirect" stopProcessing="true">
            <match url="(.*)" />
                <conditions>
                    <add input="{HTTPS}" pattern="Off" />
                    <add input="{REQUEST_METHOD}" pattern="^get$|^head$" />
                </conditions>
                <action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" redirectType="SeeOther" />
        </rule>         
    </rules>
</rewrite>

score 1 · Answer 1 · edited May 23 '17 at 11:52

Try this, taken from How to force HTTPS using a web.config file

<?xml version="1.0" encoding="UTF-8"?>
<configuration>
    <system.webServer>
        <rewrite>
            <rules>
                <clear />
                <rule name="Redirect to https" stopProcessing="true">
                    <match url="(.*)" />
                    <conditions>
                        <add input="{HTTPS}" pattern="off" ignoreCase="true" />
                    </conditions>
                    <action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" redirectType="Permanent" appendQueryString="false" />
                </rule>
            </rules>
        </rewrite>
    </system.webServer>
</configuration>

Alternatively, if your app is an MVC one you can achieve this using a filter - the below will look for a setting in your application's settings (or web.config) and ensure RequireHttps is on if it's set to true - you can do the same by annotating your controllers with [RequireHttps] attribute declarations.

  string requireHttps = ConfigurationManager.AppSettings["RequireHttps"];
  if (string.IsNullOrEmpty(requireHttps) || string.Compare(requireHttps, "false", true)!=0)
    filters.Add(new RequireHttpsAttribute());

This did not work. My site is not MVC. Its a traditional C# .NET website on IIS. And I have 2 load balanced VMs on Azure hosting the website. — ShanChat972, Oct 12 '16 at 20:21
Your solution did not work. But I figured it out. [b]I was missing the URL rewrite module on IIS on the server[/b]. Installing that did the trick https://www.iis.net/downloads/microsoft/url-rewrite Now the IIS server can redirect the url requests from HTTP to HTTPS :-) — ShanChat972, Oct 14 '16 at 16:40
To help others - was the solution above wrong, or was it not working because you didn't have the module installed for IIS? — Russell Young, Oct 15 '16 at 14:59

Redirect HTTP to HTTPS in Azure (With Load Balancer)

1 Answers1