• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1066
  • Last Modified:

403 Error when using HTTPS but fine with HTTP

I am getting this error when trying to access my website on my IIS 7.0 server using HTTPS.

Error Code: 403 Forbidden. The server denied the specified Uniform Resource Locator (URL). Contact the server administrator. (12202)

The firewall is open for 443 and passes.
The windows firewall is open for 443 and passes.
The site passes the SSL Certificate Check (3rd party) perfect.

Once it passes all of that I get the 403 error from my web-server. If I try using only HTTP I can get to my web page just fine.

What am I missing here?

Thank you!
1 Solution
This is happening as browser looks for an address statrting with "https" ,but as there is no page crosponding to this address ,it throws the error.

1> Go to ur website properties in InetMgr
2>Go to Custom Errors and look for error listed Error Code 403 Sub Code 4
3> Edit its property and give a path to a page which will do the redirect from https to http
Example "C:\PathForYourWebSite\SSLRedirect.htm"
4>And in the SSLRedirect.htm page put the code shown below:

So how it works is ..when ever IIS throws an error 403 ,our html page will be invokes which will change
the url replacing  https with http ,and u will be correctly redirected to ur correct page

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
    <title>Redirect to secure page</title>
<script language="JavaScript" type="text/javascript" >
function goElseWhere()
    var oldURL = window.location.href;
    var newURL = oldURL.replace("http://", "https://"); 
    window.location = newURL;
// -->

Open in new window

That code referenced I'm sure works but I don't think you want to do that.
That code will essentially by-pass the requirement for SSL.
If you have code that has a relative reference to another site on the server that is not enabled for SSL that is causing this problem then you need to fix the problem.  Either change the code to a full URL or SSL enalbe the directory and files it is trying to access.

From your description though I get the feeling this is not the problem.  It sounds like NOTHING is working via SSL on your site.

Take a look at this page and see if you have missed anything in the configuration of SSL on your machine/site ... http://learn.iis.net/page.aspx/144/how-to-setup-ssl-on-iis-7/
junglecomAuthor Commented:
I see my problem...

I was trying to forward port 443 from the firewall to two different IP address.

Now my next question is how to forword port 443 to ISA server then read the Header and send to my web server?

How can i do this?
NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

Look at the page I referenced ... it should give you the command lline syntax to configure the port forwarding that you need to do.
junglecomAuthor Commented:
I solved my problem.

I was trying to port forward the same Port 443 to two different IP address, which as far as I know cannot be done, without hardware that can forward based on header info.

The only way around this is to have a second external IP address.


Featured Post

NEW Veeam Backup for Microsoft Office 365 1.5

With Office 365, it’s your data and your responsibility to protect it. NEW Veeam Backup for Microsoft Office 365 eliminates the risk of losing access to your Office 365 data.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now