IIS Express and a website that has HTTP and HTTPS pages

Hi

My website has HTTP and HTTPS pages.  I am using IIS Express and have it working for HTTP and HTTPS, but when its running I cannot browse from an HTTP to HTTPS (if in HTTP mode) and vice versa.  

How do I get IIS Express to allow me to browse HTTP page using HTTPS://localhost:44300/

Thanks
nutnutAsked:
Who is Participating?
 
Dave HoweConnect With a Mentor Software and Hardware EngineerCommented:
you do that by disabling security on port 44300 - but then, https won't work.
you can't *ever* have http AND https on the same ip+port
0
 
karl-henrikCommented:
Here is a link to how you enable SSL in IIS Express - pictures and everything.

Hope it helps.

Helpful link
0
 
nutnutAuthor Commented:
Thanks but I have ssl working already I just cannot switch between http and https when site is running
0
Improved Protection from Phishing Attacks

WatchGuard DNSWatch reduces malware infections by detecting and blocking malicious DNS requests, improving your ability to protect employees from phishing attacks. Learn more about our newest service included in Total Security Suite today!

 
Dave HoweSoftware and Hardware EngineerCommented:
Hi Nutnut,

  I could be wrong, but I think you are misunderstanding a fundamental principle here - you can't have HTTP *AND* HTTPS on the same port.

  Assuming you want to use the pattern shown, you would want a binding to http for 8000 and for https on 44300 - then the urls would be http://localhost:8000/ and https://localhost:44300/ respectively.
0
 
nutnutAuthor Commented:
Hi, my site has half of it as HTTP and once logged in HTTPS is used.  When I run the site I cannot move between an HTTP and HTTPS page.  So, if I run IIS express in HTTP mode I can browse all HTTP pages but cannot log in.  If I run IIS express in HTTPs mode and make the log page the start page, I can log in and use all HTTPS pages but if I log out to the HTTP part of the site it just hangs.
0
 
Dave HoweSoftware and Hardware EngineerCommented:
That sounds more like a problem with whatever you are using for login authentication - it should be able to submit cookies and/or form info between the two, but if you are using an asp session variable to hold state, that often won't go well between http/https; asp session variables have this issue in IIS7 (in my experience) and I was gratified to find that it had been anticipated and there is a flag ("New ID on secure connection") you can configure to disable this behaviour and give a shared ASP session environment. I must admit though I haven't tried even that on a machine using non-standard port bindings, nor do I know if IIS Express even has such a flag.
0
 
nutnutAuthor Commented:
Thanks. Should HTTP page be able to be displayed on localhost:44300?  Because if I can get this working then its solved.
0
 
Dave HoweSoftware and Hardware EngineerCommented:
you can, but only if ssl isn't there.
you must have separate ports for ssl and non-ssl listeners.
0
 
nutnutAuthor Commented:
thanks how can i do this
0
 
jessc7Connect With a Mentor Commented:
For normal web traffic, regular HTTP requests happen over port 80, and regular HTTPS requests happen over port 443.

You cannot have both non-SSL (HTTP) and SSL (HTTPS) traffic on the same port, as DaveHowe said.

You would need to have two bindings in your IIS Express site to use both. For example, you might have HTTPS traffic on 44300, and HTTP traffic on 8000. Make sure you disable SSL on the 8000 binding.

In your application, you are going to have to manage that you are using specific, custom ports to go between SSL and non-SSL traffic. You probably want to have these as application parameters in your web.config or elsewhere that your application can reference.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.