[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 500
  • Last Modified:

IIS 7 on Windows server 2008 - problem with https forwarding to http

On a new IIS7 setup on windows server 2008, we moved over a web application (it happens to be cold fusion, but I think that is unrelated) from an older server.  We didn't have ssl setup initially on the new server, and everything was working fine with the app.

Now, we have a new ssl cert just installed.  I can pull up the plain default IIS homepage over https and it appears fine.  However whenever I try to go to the login page for my app, for some reason instead of staying on https, it bounces to http and removes the filename that I'd just typed in from the url path.  We do have require ssl marked in the IIS settings.  If I uncheck this, I can still go to the http version of the app login page, and it still works just fine.  But when I try the same path, but under https, it keeps removing the https part and the trailing filename.  When this happens, the only error I get back is a 403.14, which is access denied, since directory browsing is not allowed.  This makes sense because directory browsing is turned off (we don't want to alow it), and since it removed my specific filename from the url, it thinks it's trying to browse the directory instead.

To be clearer:

I type in:
https://servername/path/to/my/app/Login.cfm

and immediately, the url auto-changes to:
http://servername/path/to/my/app/
with this error:
403 - Forbidden: Access is denied.
You do not have permission to view this directory or page using the credentials that you supplied.

and if I turn off the ssl requirement, I can type in:
http://servername/path/to/my/app/Login.cfm (NOTE:  http and not https)
and the login page comes up just fine.

Any ideas on this?
0
sah18
Asked:
sah18
  • 3
  • 2
1 Solution
 
setasoujiroCommented:
Did you modify the site's port binding to 443?
0
 
sah18Author Commented:
I didn't install the ssl cert, but I can check.

If I go to:
IIS Manager
Right-Click on  Default Web Site --> Edit Bindings
this is what I see: Default Web Site - Bindings
Does this look correct to you?
0
 
setasoujiroCommented:
ok, and this is for THAT site, not the default IIS site?
0
 
sah18Author Commented:
The only site I have defined is the default IIS site.
0
 
setasoujiroCommented:
Try removing the http binding and leave only https
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now