• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1424
  • Last Modified:

403 - Forbidden error even for HTTP after removing HTTPS binding

I have an SBS2008 server that I installed a GoDaddy UCC SSL certificate on over the weekend. Today, users trying to get to a timesheet applicaiton that runs on the SBS Server are getting a 403 - Forbitten error when they try to access the site. They had not used HTTPS before, onmly HTTP.

The timesheet applicaiton was installed on the Default website. It is a virtual directory. I went the the bindings of the default website and removed the HTTPS protocol from the bindings in IIS7. I performed IISReset but I am still getting the 403 error.  

I stopped and started the entire IIS through the IIS7 manager interface and I still get the error.

Any ideas?

Thanks,

Dave
0
dcadler
Asked:
dcadler
  • 4
  • 2
1 Solution
 
dcadlerAuthor Commented:
Here is the message I am getting when I try to access the web page.

"HTTP Error 403.4 - Forbidden
The page you are trying to access is secured with Secure Sockets Layer (SSL)."

However, I only have HTTP as the bound protocol in the Website bindings. T
0
 
Rich WeisslerProfessional Troublemaker^h^h^h^h^hshooterCommented:
On the Default Web Site, under 'SSL Settings', confirm you don't have Require SSL selected.

Looking at odder instances...
Also on the Default Web site, under HTTP Redirect, confirm that under the Redirect requests to this destination, the next box is blank.   (http://www.dotnetnuke.com/Community/Forums/tabid/795/forumid/107/threadid/361291/scope/posts/threadpage/2/Default.aspx)
0
 
dcadlerAuthor Commented:
If I select the virtual directory, dovtimesheet, under default Website and then select SSL settings, it shows that the "Require SSL" check box is checked but it is grayed out and I can't uncheck it.
0
WEBINAR: 10 Easy Ways to Lose a Password

Join us on June 27th at 8 am PDT to learn about the methods that hackers use to lift real, working credentials from even the most security-savvy employees. We'll cover the importance of multi-factor authentication and how these solutions can better protect your business!

 
dcadlerAuthor Commented:
the "redirect request to this destination" field is blank
0
 
Rich WeisslerProfessional Troublemaker^h^h^h^h^hshooterCommented:
Ah... rebind port 443 to https with any certificate.  Then go back and uncheck 'require ssl'...
Then go back and remove the binding for https again.
0
 
dcadlerAuthor Commented:
That did the trick - Thanks
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: Ruby Fundamentals

This course will introduce you to Ruby, as well as teach you about classes, methods, variables, data structures, loops, enumerable methods, and finishing touches.

  • 4
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now