?
Solved

IIS Express and a website that has HTTP and HTTPS pages

Posted on 2012-12-20
10
Medium Priority
?
1,219 Views
Last Modified: 2013-01-17
Hi

My website has HTTP and HTTPS pages.  I am using IIS Express and have it working for HTTP and HTTPS, but when its running I cannot browse from an HTTP to HTTPS (if in HTTP mode) and vice versa.  

How do I get IIS Express to allow me to browse HTTP page using HTTPS://localhost:44300/

Thanks
0
Comment
Question by:nutnut
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
10 Comments
 
LVL 3

Expert Comment

by:karl-henrik
ID: 38711460
Here is a link to how you enable SSL in IIS Express - pictures and everything.

Hope it helps.

Helpful link
0
 

Author Comment

by:nutnut
ID: 38711473
Thanks but I have ssl working already I just cannot switch between http and https when site is running
0
 
LVL 33

Expert Comment

by:Dave Howe
ID: 38712284
Hi Nutnut,

  I could be wrong, but I think you are misunderstanding a fundamental principle here - you can't have HTTP *AND* HTTPS on the same port.

  Assuming you want to use the pattern shown, you would want a binding to http for 8000 and for https on 44300 - then the urls would be http://localhost:8000/ and https://localhost:44300/ respectively.
0
2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

 

Author Comment

by:nutnut
ID: 38712386
Hi, my site has half of it as HTTP and once logged in HTTPS is used.  When I run the site I cannot move between an HTTP and HTTPS page.  So, if I run IIS express in HTTP mode I can browse all HTTP pages but cannot log in.  If I run IIS express in HTTPs mode and make the log page the start page, I can log in and use all HTTPS pages but if I log out to the HTTP part of the site it just hangs.
0
 
LVL 33

Expert Comment

by:Dave Howe
ID: 38712448
That sounds more like a problem with whatever you are using for login authentication - it should be able to submit cookies and/or form info between the two, but if you are using an asp session variable to hold state, that often won't go well between http/https; asp session variables have this issue in IIS7 (in my experience) and I was gratified to find that it had been anticipated and there is a flag ("New ID on secure connection") you can configure to disable this behaviour and give a shared ASP session environment. I must admit though I haven't tried even that on a machine using non-standard port bindings, nor do I know if IIS Express even has such a flag.
0
 

Author Comment

by:nutnut
ID: 38712455
Thanks. Should HTTP page be able to be displayed on localhost:44300?  Because if I can get this working then its solved.
0
 
LVL 33

Expert Comment

by:Dave Howe
ID: 38712482
you can, but only if ssl isn't there.
you must have separate ports for ssl and non-ssl listeners.
0
 

Author Comment

by:nutnut
ID: 38714342
thanks how can i do this
0
 
LVL 33

Accepted Solution

by:
Dave Howe earned 1000 total points
ID: 38720319
you do that by disabling security on port 44300 - but then, https won't work.
you can't *ever* have http AND https on the same ip+port
0
 
LVL 16

Assisted Solution

by:jessc7
jessc7 earned 1000 total points
ID: 38734557
For normal web traffic, regular HTTP requests happen over port 80, and regular HTTPS requests happen over port 443.

You cannot have both non-SSL (HTTP) and SSL (HTTPS) traffic on the same port, as DaveHowe said.

You would need to have two bindings in your IIS Express site to use both. For example, you might have HTTPS traffic on 44300, and HTTP traffic on 8000. Make sure you disable SSL on the 8000 binding.

In your application, you are going to have to manage that you are using specific, custom ports to go between SSL and non-SSL traffic. You probably want to have these as application parameters in your web.config or elsewhere that your application can reference.
0

Featured Post

Need protection from advanced malware attacks?

Look no further than WatchGuard's Total Security Suite, providing defense in depth against today's most headlining attacks like Petya 2.0 and WannaCry. Keep your organization out of the news with protection from known and unknown threats.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Big data transfers via information superhighways require special attention and protection. Learn more about the IT-regulations of the country where your server is located. Analyze cloud providers and their encryption systems for safe data transit. S…
Moving applications to the cloud or switching services to cloud-based ones, is a stressful job.  Here's how you can make it easier.
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

800 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question