Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 470
  • Last Modified:

IIS - Tomcat

Web server - IIS 6
App server  - Tomcat

Description:
I have a website. Recently i got a requirement that few users need to access the site over https. So I have created other website(in IIS) and pointed it to the same application server. I had installed the SSL certificate on the second website(https) and using the same IP for which I am using for the first site(http).

Problem:
When I am trying to access the https site, the request is always being redirected to http site. Please let me know where I am doing wrong.
0
Raz
Asked:
Raz
  • 3
  • 2
1 Solution
 
ShmoidCommented:
After installin the certificate in IIS did you bind it?

Since you setup the IIS website just for the https traffic did you enable the option to require SSL?
0
 
RazAuthor Commented:
yes I have bound it.
I have enabled theh option require SSL.
Do I have to use a dedicated IP for the https site?
0
 
Kevin CrossChief Technology OfficerCommented:
Why not just enable SSL on the original configured Web site. If you have the configured application hosting both port 80 and 443, then users needing SSL simply change to https. Setup the other way, what may be happening is that the redirect is essential forwarding clients from the 443 site to the 80 site and hence leaving SSL. Make them one in the same and remove redirection. If you have a second site pointed to the same content (i.e., no redirection), check if there is a config value specifying the domain name that has the http bit in it. I have one application like that where they have a setting for a URL and it requires full URL and not a relative path. Therefore, it is hard-coded to http or https.
0
Building an Effective Phishing Protection Program

Join Director of Product Management Todd OBoyle on April 26th as he covers the key elements of a phishing protection program. Whether you’re an old hat at phishing education or considering starting a program -- we'll discuss critical components that should be in any program.

 
RazAuthor Commented:
If I enable SSL on the original configured Web site, when we access the site using http is going unavailable. Here the requirement is both http and https access needs to be allowed to the site. Few group of users are given http url and others are given https url.
I will check if the url is hardcoded, and get back to you.

Thanks.
0
 
Kevin CrossChief Technology OfficerCommented:
Uncheck the Require SSL, basically set it up to use SSL but not mandate it.
0
 
RazAuthor Commented:
The redirection is happening in the application. You are right mwvisa1. Thanks
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Improved Protection from Phishing Attacks

WatchGuard DNSWatch reduces malware infections by detecting and blocking malicious DNS requests, improving your ability to protect employees from phishing attacks. Learn more about our newest service included in Total Security Suite today!

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now