SSL Rules for https://www

Discussion in 'Windows / IIS' started by TeamF, Jun 19, 2011.

  1. TeamF

    TeamF

    Hi guys,

    I’ve received my ssl certificate and installed it successfully on my site. The certificate is prepared for mysite.com, not for *.mysite.com.

    I wanted the site to be accessible like https://mysite.com – no www, no http (only secure connections). I’ve already added the needed rules in my web.config.

    Everything is fine, but the url https://www.mysite.com does not redirect to https://mysite.com. I get the error that the certificate is for mysite.com (which I know and it was intended :)).

    My question is what is the appropriate rule for this url?
    Do I need to make some dns changes?

    Thank you in advance for your time.
     
    TeamF, Jun 19, 2011
    #1
  2. keikoraca

    keikoraca

    You may want to take a look at this post on forcing SSL through your code using a rewrite rule.
     
    keikoraca, Jun 19, 2011
    #2
  3. TeamF

    TeamF

    Thank you for the post, however I believe the message with the invalid certificate happens before reaching to server rewriting rules.

    Do you know if there is any specific error being raised which I can attach to with my own page which makes redirect? Or maybe some iis bindings?
     
    TeamF, Jun 20, 2011
    #3
  4. wisemx

    wisemx

    The IIS7 rewrite in your web.config will handle this.
    For example, this is the rewrite I used, which can be modified as needed:

    <system.webServer>
    <rewrite>
    <rules>
    <rule name="Redirect to https">
    <match url="(.*)" />
    <conditions>
    <add input="{SERVER_PORT}" pattern="443" negate="true" />
    </conditions>
    <action type="Redirect" url="https://www.msftwise.com/{R:1}" />
    </rule>
    </rules>
    </rewrite>
     
    wisemx, Jun 20, 2011
    #4
  5. TeamF

    TeamF

    Those are the rules in my web.config. They work fine for every url except https://www.mysite.com

    <rule name="Remove WWW prefix">
    <match url="(.*)" ignoreCase="true" />
    <conditions>
    <add input="{HTTP_HOST}" pattern="^www\.mysite\.com" />
    </conditions>
    <action type="Redirect" url="https://mysite.com/{R:1}" redirectType="Permanent" />
    </rule>

    <rule name="Redirect to HTTPS">
    <match url="(.*)" />
    <conditions>
    <add input="{SERVER_PORT}" pattern="443" negate="true" />
    </conditions>
    <action type="Redirect" url="https:// mysite.com/{R:1}" />
    </rule>
     
    TeamF, Jun 20, 2011
    #5
  6. Ruffusteefirefly

    Ruffusteefirefly

    I had a similar issue as well, but I had to put it on the back burner. I hope you get it resolved. nice guess keikoraca
    , but that does not work.
     
    Ruffusteefirefly, Jun 20, 2011
    #6
  7. RayH

    RayH DiscountASP.NET Lackey DiscountASP.NET Staff

    <action type="Redirect" url="https:// mysite.com/{R:1}" />

    I'll assume it's a typo, but if not, you might want to verify there isn't a space in between // and mysite
     
    RayH, Jul 1, 2011
    #7

Share This Page