ssl redirects in IIS7 using 403.4 error pages with response 302

by Mikeal Email

IIS7 adds the ability to use a 302 redirect response as a "Customer Error Page" instead of actually making a file with a html refresh or asp response.redirect. This is much easier to manage when you are doing redirects on several websites.

1. Select the website your are working with in IIS7, and make sure you are in the Feature View.

2. Double click "SSL Settings" and check Require SSL and click Apply.

3. Go back into the Feature View and open "Error Pages"

4. Click on Add and configure the following:

Status code: 403.4
Click on Respond with a 302 redirect and provide the https redirect URL.

*** NOTE HERE *** I had problems with redirection with some clients. I believe https://mysite.thisdomain.com and https://mysite.thisdomain.com/index.asp have different results in some web browser configurations. Changing all my redirection URLs to https://mysite.thisdomain.com/index.asp seemed to correct my problems.

Categories: IIS7
Permalink08/27/08 01:19:34 pm, 4 comments »

4 comments

Comment from: Tyler Gohl [Visitor] Email
Thanks, worked great.
09/30/08 @ 09:09
Comment from: Mathiau [Visitor] Email
making a note of this blog page for sure!
11/14/08 @ 10:58
Comment from: Jeroen Landheer [Visitor] Email · http://www.jeroenlandheer.com
Cool, this is a great trick!
09/17/09 @ 10:10
Comment from: Sean [Visitor]
One clarifying point - you also have to make sure that the site is bound to http in addition to https, otherwise the server never handles the original http request.

Obvious, once you realize your mistake... :(
11/09/09 @ 14:53

Leave a comment


Your email address will not be revealed on this site.

Your URL will be displayed.
(Line breaks become <br />)
(Name, email & website)
(Allow users to contact you through a message form (your email will not be revealed.)