HTTP to HTTPS Redirect - IIS 8.5 not working properly

12
votes

I've read a number of posts here on SO as well as on the 'net (IIS blogs, etc.). I'm trying to force all connections going from domain.com to www.domain.com and at the same time forcing the request from HTTP to HTTPS.

I'm using this set of rules and rewrites but the only thing happening is that it's redirecting fine but not redirecting to SSL.

<!-- Redirect to HTTPS -->
<rewrite>
    <rules>
        <rule name="Redirect to www" stopProcessing="true">
            <match url="(.*)" />
            <conditions trackAllCaptures="false">
                <add input="{HTTP_HOST}" matchType="Pattern" pattern="^mydomain.com$" ignoreCase="true" negate="false" />
            </conditions>
            <action type="Redirect" url="{MapProtocol:{HTTPS}}://www.mydomain.com/{R:1}" />
        </rule>
    </rules>
    <rewriteMaps>
        <rewriteMap name="MapProtocol" defaultValue="http">
          <add key="on" value="https" />
          <add key="off" value="http" />
        </rewriteMap>
    </rewriteMaps>
</rewrite>

What am I doing wrong?

Main blog reference: http://weblogs.asp.net/owscott/url-rewrite-protocol-http-https-in-the-action and this SO post - web.config redirect non-www to www

3
redirectiisiis-8.5
apart from mistakes in the config, don't forget to do your experiments in an Incognito window in Chrome or your 301 redirects will be cached. You will need to close and start a new incognito window every time yo utry a new one.CAD bloke

3 Answers

11
votes

Edit: So I found this blog post: http://www.meltedbutter.net/wp/?p=231 and gave it a try and voila! Worked like a charm. Not sure why this worked over the rules posted above but in my case the below is working and successfully taking all non-www traffic and redirecting it to both www and https.

<!-- Redirect to HTTPS -->
        <rewrite>
            <rules>
                <rule name="http to https" stopProcessing="true">
                    <match url="(.*)" />
                    <conditions>
                        <add input="{HTTPS}" pattern="^OFF$" />
                    </conditions>
                    <action type="Redirect" url="https://www.domain.com/{R:1}" redirectType="SeeOther" />
                </rule>
            </rules>
        </rewrite>
9
votes

We faced same issue while redirecting from http to https using URL Rewrite module, But after switching off the require ssl module within IIS did the trick.

  1. Go to SSL Settings of website
  2. Uncheck require SSL checkbox.
  3. Apply settings and Restart iis
5
votes

This is a long shot for some cases but I had deleted my port 80 bindings for the website as I only wanted SSL / port 443. So from what I can tell is Port 80 binding is also needed for the the rewrite to work correctly.