31

When I added the URL rewrite code in web.config and then publish it into azure. it will automatically redirects to https even I am trying to access website with http.

<rewrite>
  <rules>
    <rule name="Redirect to https">
      <match url="(.*)"/>
      <conditions>
        <add input="{HTTPS}" pattern="Off"/>
      </conditions>
      <action type="Redirect" url="https://{HTTP_HOST}/{R:1}"/>
    </rule>
  </rules>
</rewrite>

But when I run the same code in my local machine it gives the below error.

This site can’t provide a secure connection

enter image description here

How can I resolve the above error when I run the above code in my local machine?

Arsen Khachaturyan
  • 7,904
  • 4
  • 42
  • 42
Pradeep
  • 5,101
  • 14
  • 68
  • 140
  • 4
    try this https://dotnetcodr.com/2015/09/18/how-to-enable-ssl-for-a-net-project-in-visual-studio/ – raj'sCubicle Sep 27 '17 at 21:02
  • @ raj'sCubicle Thanks much. This was a far simpler solution. – IdusOrtus Feb 28 '19 at 17:58
  • HELP! I followed these directions and now my project won't run on the local machine. I even back out of the changes but the web.config seems to be cached or something... How do I back out? – malt_man May 21 '19 at 05:36

6 Answers6

14

What I do personally is put that rewrite configuration into Web.Release.config precisely because it is a bit fiddly to get it working locally.

The problem is that IIS Express will expose HTTP and HTTPS on different ports, so if you redirect from http://localhost:1234 to https://localhost:1234, it simply won't work, because IIS Express is exposing HTTPS on something like https://localhost:44300.

You can enable SSL/TLS on IIS Express (and you should), but I would leave the rewrite rule only for Release mode.

Here is an example Web.Release.config file:

<?xml version="1.0"?>
<configuration xmlns:xdt="http://schemas.microsoft.com/XML-Document-Transform">
  <system.web>
    <compilation xdt:Transform="RemoveAttributes(debug)" />
  </system.web>
  <system.webServer>
    <rewrite xdt:Transform="Insert">
      <rules>
        <!-- Redirects users to HTTPS if they try to access with HTTP -->
        <rule
          name="Force HTTPS"
          stopProcessing="true">
          <match url="(.*)"/>
          <conditions>
            <add input="{HTTPS}" pattern="^OFF$" ignoreCase="true"/>
          </conditions>
          <action
            type="Redirect"
            url="https://{HTTP_HOST}/{R:1}"
            redirectType="Permanent"/>
        </rule>
      </rules>
      <outboundRules>
        <!-- Enforces HTTPS for browsers with HSTS -->
        <!-- As per official spec only sent when users access with HTTPS -->
        <rule
          xdt:Transform="Insert"
          name="Add Strict-Transport-Security when HTTPS"
          enabled="true">
          <match serverVariable="RESPONSE_Strict_Transport_Security"
              pattern=".*" />
          <conditions>
            <add input="{HTTPS}" pattern="on" ignoreCase="true" />
          </conditions>
          <action type="Rewrite" value="max-age=31536000" />
        </rule>
      </outboundRules>
    </rewrite>
  </system.webServer>
</configuration>

Note that I also add HSTS here. It inserts the <rewrite> element into Web.config in Release mode. The <system.webServer> element already exists in Web.config, otherwise I would be inserting that.

juunas
  • 54,244
  • 13
  • 113
  • 149
  • Thanks Juunas, the above code shows some error on this line . because the rewrite element doesn't allow transform attribute. – Pradeep Apr 11 '17 at 07:43
  • It says a similar warning for me too, but still works. Not sure why it does that. It should not matter which element you put those on, the XML transform system doesn't care. – juunas Apr 11 '17 at 07:51
  • Its working fine, But I created two config files are Web.Dev.config and Web.Prod.config. I added the rewrite code only in Web.Prod.config file, then publish it into azure its working fine. but when I published my app with Web.Dev.config file into azure still it redirects to https even I don't add the rewrite code in Web.Dev.config file. – Pradeep Apr 11 '17 at 08:07
  • 1
    Well, the redirect issued by this config is permanent (HTTP 301). That means your browser will remember the rule. If I don't want users accessing the site over HTTP now, I won't want them to do so later. – juunas Apr 11 '17 at 08:14
  • Thanks, for your suggestion. – Pradeep Apr 11 '17 at 08:18
  • 2
    changing the port for running iis express from project properties worked for me. – Saurabh Solanki Jun 21 '19 at 09:13
  • How can I create or edit this file? – samuelnehool Feb 16 '23 at 13:24
  • I just placed this code verbatim in my root folder but it does not work :( – samuelnehool Feb 16 '23 at 13:42
11

This always solves the issue for me.

  • In Solution Explorer, click your project.
  • Hit the F4 key (view properties).
  • Copy the URL (NOT the SSL URL).
  • Paste the URL into the Project Url on the Web Tab, Save.
  • In Solution Explorer, click your project.
  • Hit the F4 key (view properties).
  • Change SSL Enabled to false.
  • Change it back to true. There should be a new SSL URL. Copy it.
  • Paste the new SSL URL into Project URL on Web tab. Click Create Virtual Directory.
  • Click Override application root URL, and paste in SSL URL. Save.
Jesse
  • 168
  • 1
  • 7
1

You will have to configure Visual Studio Server to be used with HTTPS. Please go through this link for details:
HTTPS with Visual Studio's built-in ASP.NET Development Server

Community
  • 1
  • 1
Boney
  • 2,072
  • 3
  • 18
  • 23
  • IIS Express will allow using HTTPS, but it will be on a different port. This still won't solve the problem entirely. As the redirect happens to the same port, it won't be able to connect. – juunas Apr 11 '17 at 07:21
  • still I am getting same error even I enabled the SSL property. – Pradeep Apr 11 '17 at 07:30
0

I solved this problem with older version of Chrome web browser.

This is the list of older chrome versions where you can download and install it.

60.0.3112.90 - for Ubuntu is the version that works just fine for me.

Maybe it's little slower then newer versions but i found it's pretty good for production (:

Milosh
  • 1
  • 1
0

On my end, I found out that there was a javascript code that redirects the site from http to https. So try to explore your environment if there are other code responsible for that issue. Hope this can help. Thanks

jayz
  • 31
  • 2
0

I just changed the URL in the Web tab of the project properties to use a PORT that starts with 443, e.g. 44301. Also be sure to change http to https. It works for me.

JacobIRR
  • 8,545
  • 8
  • 39
  • 68