Richard Lloyd
asked on
https://domain.com works, https://www.domain.com does not! Help!
Hi.
Can anyone point me in the right direction.
I have a domain that is hosted with iis7. The url rewrite module redirects all www.domain .com to domain.com and I have used the well documented rule to force the site to add https:// to the domain name.
Therefore I would expect all
http://www.domain.co.uk
http://domain.co.uk
https://www.domain.co.uk
https://domain.co.uk
www.domain.co.uk
domain.co.uk
should all go to https://domain.co.uk
But https://www.domain.co.uk gives a security error:
Your connection is not private
Attackers might be trying to steal your information from www.hunterbarrington.co.uk (for example, passwords, messages or credit cards). NET::ERR_CERT_COMMON_NAME_ INVALID
My web.config is:
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<httpErrors>
<remove statusCode="500" subStatusCode="19" />
<remove statusCode="500" subStatusCode="18" />
<remove statusCode="500" subStatusCode="17" />
<remove statusCode="500" subStatusCode="16" />
<remove statusCode="500" subStatusCode="15" />
<remove statusCode="500" subStatusCode="13" />
<remove statusCode="500" subStatusCode="100" />
<remove statusCode="500" subStatusCode="12" />
<remove statusCode="404" subStatusCode="-1" />
<error statusCode="404" subStatusCode="-1" prefixLanguageFilePath="" path="/site_error.asp" responseMode="ExecuteURL" />
</httpErrors>
<rewrite>
<outboundRules>
<preConditions>
<preCondition name="ResponseIsHtml1">
<add input="{RESPONSE_CONTENT_T YPE}" pattern="^text/html" />
</preCondition>
</preConditions>
</outboundRules>
<rules>
<rule name="CanonicalHostNameRul e1">
<match url="(.*)" />
<conditions>
<add input="{HTTP_HOST}" pattern="^domain\.co\.uk$" negate="true" />
</conditions>
<action type="Redirect" url="http://domain.co.uk/{R:1}" />
</rule>
<rule name="HTTP to HTTPS redirect" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="off" ignoreCase="true" />
</conditions>
<action type="Redirect" redirectType="Found" url="https://{HTTP_HOST}/{R:1}" />
</rule>
</rules>
</rewrite>
</system.webServer>
</configuration>
My bindings attached as a screen shot.
The domain is on a dedicated ip address.
Can anyone point me in the right direction.
I have a domain that is hosted with iis7. The url rewrite module redirects all www.domain .com to domain.com and I have used the well documented rule to force the site to add https:// to the domain name.
Therefore I would expect all
http://www.domain.co.uk
http://domain.co.uk
https://www.domain.co.uk
https://domain.co.uk
www.domain.co.uk
domain.co.uk
should all go to https://domain.co.uk
But https://www.domain.co.uk gives a security error:
Your connection is not private
Attackers might be trying to steal your information from www.hunterbarrington.co.uk (for example, passwords, messages or credit cards). NET::ERR_CERT_COMMON_NAME_
My web.config is:
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<httpErrors>
<remove statusCode="500" subStatusCode="19" />
<remove statusCode="500" subStatusCode="18" />
<remove statusCode="500" subStatusCode="17" />
<remove statusCode="500" subStatusCode="16" />
<remove statusCode="500" subStatusCode="15" />
<remove statusCode="500" subStatusCode="13" />
<remove statusCode="500" subStatusCode="100" />
<remove statusCode="500" subStatusCode="12" />
<remove statusCode="404" subStatusCode="-1" />
<error statusCode="404" subStatusCode="-1" prefixLanguageFilePath="" path="/site_error.asp" responseMode="ExecuteURL" />
</httpErrors>
<rewrite>
<outboundRules>
<preConditions>
<preCondition name="ResponseIsHtml1">
<add input="{RESPONSE_CONTENT_T
</preCondition>
</preConditions>
</outboundRules>
<rules>
<rule name="CanonicalHostNameRul
<match url="(.*)" />
<conditions>
<add input="{HTTP_HOST}" pattern="^domain\.co\.uk$"
</conditions>
<action type="Redirect" url="http://domain.co.uk/{R:1}" />
</rule>
<rule name="HTTP to HTTPS redirect" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="off" ignoreCase="true" />
</conditions>
<action type="Redirect" redirectType="Found" url="https://{HTTP_HOST}/{R:1}" />
</rule>
</rules>
</rewrite>
</system.webServer>
</configuration>
My bindings attached as a screen shot.
The domain is on a dedicated ip address.
Did u create A record for www and also please check the site content and also clear the browser history..
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thank you!
it is probably the name on the certificate doesn't match
I'd use a redirect rule rather an url rewrite.