403 Error when using HTTPS but fine with HTTP

Posted on 2009-02-12
Last Modified: 2012-05-06
I am getting this error when trying to access my website on my IIS 7.0 server using HTTPS.

Error Code: 403 Forbidden. The server denied the specified Uniform Resource Locator (URL). Contact the server administrator. (12202)

The firewall is open for 443 and passes.
The windows firewall is open for 443 and passes.
The site passes the SSL Certificate Check (3rd party) perfect.

Once it passes all of that I get the 403 error from my web-server. If I try using only HTTP I can get to my web page just fine.

What am I missing here?

Thank you!
Question by:junglecom
    LVL 3

    Expert Comment

    This is happening as browser looks for an address statrting with "https" ,but as there is no page crosponding to this address ,it throws the error.

    1> Go to ur website properties in InetMgr
    2>Go to Custom Errors and look for error listed Error Code 403 Sub Code 4
    3> Edit its property and give a path to a page which will do the redirect from https to http
    Example "C:\PathForYourWebSite\SSLRedirect.htm"
    4>And in the SSLRedirect.htm page put the code shown below:

    So how it works is ..when ever IIS throws an error 403 ,our html page will be invokes which will change
    the url replacing  https with http ,and u will be correctly redirected to ur correct page

    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "">
    <html xmlns="">
        <title>Redirect to secure page</title>
    <script language="JavaScript" type="text/javascript" >
    function goElseWhere()
        var oldURL = window.location.href;
        var newURL = oldURL.replace("http://", "https://"); 
        window.location = newURL;
    // -->

    Open in new window

    LVL 22

    Expert Comment

    That code referenced I'm sure works but I don't think you want to do that.
    That code will essentially by-pass the requirement for SSL.
    If you have code that has a relative reference to another site on the server that is not enabled for SSL that is causing this problem then you need to fix the problem.  Either change the code to a full URL or SSL enalbe the directory and files it is trying to access.

    From your description though I get the feeling this is not the problem.  It sounds like NOTHING is working via SSL on your site.

    Take a look at this page and see if you have missed anything in the configuration of SSL on your machine/site ...
    LVL 2

    Author Comment

    I see my problem...

    I was trying to forward port 443 from the firewall to two different IP address.

    Now my next question is how to forword port 443 to ISA server then read the Header and send to my web server?

    How can i do this?
    LVL 22

    Expert Comment

    Look at the page I referenced ... it should give you the command lline syntax to configure the port forwarding that you need to do.
    LVL 13

    Expert Comment

    LVL 2

    Accepted Solution

    I solved my problem.

    I was trying to port forward the same Port 443 to two different IP address, which as far as I know cannot be done, without hardware that can forward based on header info.

    The only way around this is to have a second external IP address.


    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Find Ransomware Secrets With All-Source Analysis

    Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

    Introduction One of the frequent application design questions goes something like this: "How can I confirm when a client registers on my web site?" The registration might be for general use of a self-administered site like a forum, or for attend…
    Introduction This warning has to be one of the most commonly issued warnings in the history of PHP.  The article explains why this warning arises and what to do to mitigate the problem. How this Happens HTTP headers include many different kinds…
    Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…
    This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor ( If you're looking for how to monitor bandwidth using netflow or packet s…

    794 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    15 Experts available now in Live!

    Get 1:1 Help Now