You know that problem you have when you set up a new website in IIS and want to redirect http traffic to https?
Well, I have the opposite problem. When users type http://website
they are automatically redirected to https://website
I have two websites, each on Windows 2003 server with IIS 6.
Each website is for internal purposes and was setup by the vendor. Both are built with ASP.NET. Both have self-signed domain certs.
Now, all client machines have moved to a new Active Directory domain and the servers are still on the old domain. This causes the typical SSL warning to appear on the users screen where they have to accept or click to go on which is annoying. We are planning to move the servers to the new domain as well soon but I wanted to make what I thought would be a quick fix, to simply disable https, or at least not force traffic to https.
- I have unticked the "Require secure channel" on the Secure communication in the Directory Security tab in IIS properties.
- I have removed the certificate
- I have looked for custom error pages with redirect on it but don't see one related
- I have cleared the ssl port box on the Web Site tap in IIS properties
- I have searched for something related to redirect in the web.config but don't see anything related.
And the vendor claim that they have not putted any http to https redirect in the code.
So what can I check? I'm obviously missing something. I just want to restore the default behavior of IIS and access the websites on plain old port 80 http