2
votes

I am starting with the rewrite module have a problem with a "simple" IIS 8.5 URL Rewrite redirect http --> https for a non www site.

Problem: If the domain matches the action url parameter i always get "http://" and not "https://".

This is my rule:

<rewrite>
  <rules>
    <rule name="Redirect to HTTPS" stopProcessing="true">
      <match url="(.*)" />
      <conditions>
        <add input="{HTTPS}" pattern="^OFF$" />
      </conditions>
      <action type="Redirect" url="https://{HTTP_HOST}/{R:1}" redirectType="Permanent" />
    </rule>
  </rules>
</rewrite>

I can't post several links so "domain" = crm.test.com. The site with the rewrite rule is bound to "domain"=crm.test.com on port 2080.

I want to redirect "http://" to "https://", but i always get "http://" as location in response:

   HTTP/1.1·302·Redirect
   Connection:·close
   Content-Length:·176
   Date:·Thu,·15·Jan·2015·08:21:21·GMT
   Location:·http://domain/                      <--
   Content-Type:·text/html;·charset=UTF-8
   Server:·Microsoft-IIS/8.5
   X-Powered-By:·ASP.NET

I tried the following action url parameter:

Not working:

"https://{HTTP_HOST}/{R:1}" -> http://domain/
"https://domain/{R:1}" -> http://domain/
"https://{HTTP_HOST}:443/{R:1}" -> http://domain/
"https://{HTTP_HOST}/1" -> http://domain/1/

Working:

"https1://{HTTP_HOST}/{R:1}" -> https1://domain/
"https://{HTTP_HOST}:444/{R:1}" -> https://domain:444/
"https://test.domain.com/{R:1}" -> https://test.domain.com/
"https://www.google.com/{R:1}" -> https://www.google.com/

I found "URL Rewrite on IIS from http to https is not working,", but this doesn't solve my problem.

Did i missed something?

3

3 Answers

2
votes

The following works for us:

            <rule name="HTTP Redirect to HTTPS" enabled="true" patternSyntax="ECMAScript" stopProcessing="true">
                <match url="(.*)" />
                <conditions logicalGrouping="MatchAll" trackAllCaptures="false">
                    <add input="{HTTPS}" pattern="^OFF$" />
                </conditions>
                <action type="Redirect" url="https://{HTTP_HOST}/{R:1}" />
            </rule>
2
votes

O. k., i found the solution - the link translation is caused by a tmg 2010 in front of the iis. The tmg has a bug where the link translation resets the https links to http in case of a 301. Problem an solution are described here:

http://blog.sanibellogic.com/2008/09/default

http://support.microsoft.com/kb/924373

Thanks everybody.

0
votes

You can also config the redirect domain with or without www using URL rewrite. The SSL cert only include: www FQDN.

web.config example (domain example is: sysadmit.com):

<rewrite>
    <rules>
    <clear />
       <rule name="Force WWW and SSL" enabled="true" stopProcessing="true">
    <match url="(.*)" />
    <conditions logicalGrouping="MatchAny">
        <add input="{HTTP_HOST}" pattern="^[^www]" />
        <add input="{HTTPS}" pattern="off" />
    </conditions>
    <action type="Redirect" url="https://www.sysadmit.com/{R:1}" appendQueryString="true" redirectType="Permanent" />
</rule>
</rules>
</rewrite>

Extracted from: http://www.sysadmit.com/2017/05/windows-iis-redirigir-http-https.html