Skip to main content

[DEL] How do I force SSL in IIS 5 or IIS 6 on a directory and use a redirect?

Summary

This article explains how you would automatically force SSL and redirect users to your SSL site hosted using IIS 5 or IIS 6


User-added image

This article assumes you already have an SSL certificate installed on your IIS 5 or IIS 6 server.

In the below example, we will use OWA and force SSL on the /exchange directory.

You can only turn on SSL if you've installed a certificate. Once that's done, you can enable or require SSL for any or all of the directories served by IIS on that machine.

1. Open the Computer Management snap-in on your Exchange server. Expand the Services and Applications node, then the Internet Information Services node.

2. Expand the Default Web Site node, then find the Exchange directory. Right-click it and choose the Properties command.

3. Click the Directory Security tab. In the Secure Communications control group, the View Certificate and Edit buttons should be active. If they're not, your certificate isn't installed properly—you'll have to fix it before proceeding.

4. Click the Edit button in the Secure Communications group. You'll see the Secure Communications dialog box.

5. Check the "Require secure channel (SSL)" checkbox. You can optionally check the "Require 128-bit encryption" box as well. Doing     so gives you better security, but some clients may not be able to connect.

Once you have made these changes , you should be able to open your mailbox by typing https://yourServerName/exchange/yourMailbox . You should not be able to open it with an ordinary http URL.

Try opening your mailbox with and without SSL. Verify that you cannot open it without using https:// as the URL prefix.

Automatically Redirect Users to the SSL Site

Once you've configured IIS to require the use of SSL, you may also want to automatically redirect users to the secure directory; that way, users who can't remember to use https:// can still get their mail without bothering you. To do this, you'll need to create a file named ssl-redirect.asp in your sites' server's inetpub\wwwroot\siteasp directory. In that file, paste the following code:

<%
If Request.ServerVariables("SERVER_PORT")=80  Then
Dim strRedirURL
strRedirURL = "https://" & Request.ServerVariables("SERVER_NAME")
strRedirURL = strRedirURL & "/yourfolder"
Response.Redirect strRedirURL
End If
%>

Next, follow these instructions to tell IIS to map error 403.4 to the ssl-redirect.asp file. Every time IIS encounters that particular error, it will execute the ASP code, which automatically redirects the user to the correct page.

Further reading: http://support.microsoft.com/default.aspx?scid=kb;en-us;302570&sd=tech
HOW TO: Configure Custom Error Messaging for Your Web Site in IIS
SUMMARY: This step-by-step guide describes how to configure Internet Information Services (IIS) to send custom error messages instead of the default Hypertext Transfer Protocol (HTTP) error messages.

If you have any questions or concerns please contact the Entrust Certificate Services Support department for further assistance:

Hours of Operation:
Sunday 8:00 PM ET to Friday 8:00 PM ET
North America (toll free): 1-866-267-9297
Outside North America: 1-613-270-2680 (or see the list below)
NOTE: It is very important that international callers dial the UITF format exactly as indicated. Do not dial an extra "1" before the "800" or your call will not be accepted as an UITF toll free call.

Country Number
Australia 0011 - 800-3687-7863
1-800-767-513
Austria 00 - 800-3687-7863
Belgium 00 - 800-3687-7863
Denmark 00 - 800-3687-7863
Finland 990 - 800-3687-7863 (Telecom Finland)
00 - 800-3687-7863 (Finnet)
France 00 - 800-3687-7863
Germany 00 - 800-3687-7863
Hong Kong 001 - 800-3687-7863 (Voice)
002 - 800-3687-7863 (Fax)
Ireland 00 - 800-3687-7863
Israel 014 - 800-3687-7863
Italy 00 - 800-3687-7863
Japan 001 - 800-3687-7863 (KDD)
004 - 800-3687-7863 (ITJ)
0061 - 800-3687-7863 (IDC)
Korea 001 - 800-3687-7863 (Korea Telecom)
002 - 800-3687-7863 (Dacom)
Malaysia 00 - 800-3687-7863
Netherlands 00 - 800-3687-7863
New Zealand 00 - 800-3687-7863
0800-4413101
Norway 00 - 800-3687-7863
Singapore 001 - 800-3687-7863
Spain 00 - 800-3687-7863
Sweden 00 - 800-3687-7863 (Telia)
00 - 800-3687-7863 (Tele2)
Switzerland 00 - 800-3687-7863
Taiwan 00 - 800-3687-7863
United Kingdom 00 - 800-3687-7863
0800 121 6078
+44 (0) 118 953 3088