joefreedom
asked on
SSL Redirect IIS 6.0
Hey Experts,
I followed the guide from the link below to setup a SSL Redirect script for a site we are hosting internally on IIS 6 and everything was working fine, requests for http://intranet.domain.com would receive the 403.4, a custom error message was setup in IIS to point to a directory containing an .aspx file with a simple Response.Redirect script. Furthermore the appropriate location path was added to the web.config file.
http://weblogs.asp.net/pwilson/archive/2004/12/23/331455.aspx
All was working well until some changes to our sharepoint site were made and I received the Inheritance Overrrides error in IIS, the only child node it prompted me for was NoSSL which is the SSL redirect, this is the only service we are hosting currently, Ive seen exchange users with similar issues however this is not the case for our environment.
Regardless of whether I choose the 'NoSSL' child node or not when prompted by inheritance overrrides, the redirect stops working. I have removed the custom error, the folder, the changes to config.aspx, etc..reimplemented them and still received the same problems.
When http://intranet.domain.com is entered the following is returned by the browser:
'Secure Channel Required
This Virtual Directory requires a browser that supports the configured encryption options.'
Thanks for the help!
I followed the guide from the link below to setup a SSL Redirect script for a site we are hosting internally on IIS 6 and everything was working fine, requests for http://intranet.domain.com would receive the 403.4, a custom error message was setup in IIS to point to a directory containing an .aspx file with a simple Response.Redirect script. Furthermore the appropriate location path was added to the web.config file.
http://weblogs.asp.net/pwilson/archive/2004/12/23/331455.aspx
All was working well until some changes to our sharepoint site were made and I received the Inheritance Overrrides error in IIS, the only child node it prompted me for was NoSSL which is the SSL redirect, this is the only service we are hosting currently, Ive seen exchange users with similar issues however this is not the case for our environment.
Regardless of whether I choose the 'NoSSL' child node or not when prompted by inheritance overrrides, the redirect stops working. I have removed the custom error, the folder, the changes to config.aspx, etc..reimplemented them and still received the same problems.
When http://intranet.domain.com is entered the following is returned by the browser:
'Secure Channel Required
This Virtual Directory requires a browser that supports the configured encryption options.'
Thanks for the help!
Custom Error 403.4:
<%
Response.Redirect("https://intranet.domain.com")
%>
Web.conf:
<location path="_NoSSL/SSLRedirect.aspx">
<system.web>
<authorization>
<allow users="*" />
</authorization>
</system.web>
</location>
IIS-Inheritance-Overrides.JPG
ASKER
Thanks for the response I appreciate your support,
I don't know how to "set the UNCPassword credentials" so number 1 isn't an option unless you can explain how to do so?
I attempted to run the adsutil command you posted however I receive
'the path requested could not be found'
ErrNumber: -2147024893 (0x80070003)
Error trying to get the object: w3svc/1/Root/_private
Can you explain if 'w3svc', and '1' are supposed to represent an actual value? Should the 1 represent the site id or something?
does '403,2,FILE,C:/path/errorf ile.aspx' mean http error 403.2 file redirect or just 403?
Should this be '403,4,URL,_NoSSL/SSLRedir ect.aspx' in my case?
Sorry I have no prior experience with adsutil utility and I have had minimal luck with resources explaining those questions.
Thanks!
I don't know how to "set the UNCPassword credentials" so number 1 isn't an option unless you can explain how to do so?
I attempted to run the adsutil command you posted however I receive
'the path requested could not be found'
ErrNumber: -2147024893 (0x80070003)
Error trying to get the object: w3svc/1/Root/_private
Can you explain if 'w3svc', and '1' are supposed to represent an actual value? Should the 1 represent the site id or something?
does '403,2,FILE,C:/path/errorf
Should this be '403,4,URL,_NoSSL/SSLRedir
Sorry I have no prior experience with adsutil utility and I have had minimal luck with resources explaining those questions.
Thanks!
ASKER
I Ended up using the following code in a .htm page on the root directory of the site. I went into IIS custom errors settings and changed 403.4 to redirect to a file, browsed to the root directory and selected the .htm page.
All is working well. Thanks for the help.
All is working well. Thanks for the help.
<SCRIPT type=text/javascript>
<!--
if (location.protocol != 'https:')
{
window.location = 'https://'+ location.host + location.pathname + location.search;
//alert(location.host + location.pathname + location.search); Just for sanity check
}
// -->
</SCRIPT>
Code Taken From:
http://blog.opsan.com/archive/2005/04/17/395.aspx
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks for all of the help, much appreciated.
your snapshot shows that when you try to set the custom error page, it also wants to set the 'UNCPassword' value.
what you apparently need to do is to set the custom error without changing the UNCPassword. You can do that in two ways:
1. set the custom error on the 'noSSL' node, and then go back and set the UNCPassword credentials, OR
2. set the custom error using adsutil.vbs instead of the GUI, something like:
C:\Inetpub\AdminScripts>ad