HTTP to HTTPS Redirect - IIS 8.5 not working properly

Question

I've read a number of posts here on SO as well as on the 'net (IIS blogs, etc.). I'm trying to force all connections going from domain.com to www.domain.com and at the same time forcing the request from HTTP to HTTPS.

I'm using this set of rules and rewrites but the only thing happening is that it's redirecting fine but not redirecting to SSL.

<!-- Redirect to HTTPS -->
<rewrite>
    <rules>
        <rule name="Redirect to www" stopProcessing="true">
            <match url="(.*)" />
            <conditions trackAllCaptures="false">
                <add input="{HTTP_HOST}" matchType="Pattern" pattern="^mydomain.com$" ignoreCase="true" negate="false" />
            </conditions>
            <action type="Redirect" url="{MapProtocol:{HTTPS}}://www.mydomain.com/{R:1}" />
        </rule>
    </rules>
    <rewriteMaps>
        <rewriteMap name="MapProtocol" defaultValue="http">
          <add key="on" value="https" />
          <add key="off" value="http" />
        </rewriteMap>
    </rewriteMaps>
</rewrite>

What am I doing wrong?

Main blog reference: http://weblogs.asp.net/owscott/url-rewrite-protocol-http-https-in-the-action and this SO post - web.config redirect non-www to www

Answer 1

In my case, I did everything @Valien said and lots of other tries but it did not work. finally I found the problem. It was because I was using 2 rules. First rule was rewriting to NodeJs server and the second to redirect http to https. I changed the order and now it is working correctly.

The config with the correct order in case more than 1 rule is applied:

<rewrite>
     <rules>
           <rule name="http to https" stopProcessing="true">
                    <match url="(.*)" />
                    <conditions>
                        <add input="{HTTPS}" pattern="^OFF$" />
                    </conditions>
                    <action type="Redirect" url="https://mywebsite.com/{R:1}" redirectType="SeeOther" />
           </rule>
           <rule name="ReverseProxyToLocalhost:3000" stopProcessing="true">
                    <match url="(.*)" />
                    <action type="Rewrite" url="http://localhost:3000/{R:1}" />
           </rule>
      </rules>
 </rewrite>

Answer 2

This is a long shot for some cases but I had deleted my port 80 bindings for the website as I only wanted SSL / port 443. So from what I can tell is Port 80 binding is also needed for the the rewrite to work correctly.

Answer 3

We faced same issue while redirecting from http to https using URL Rewrite module, But after switching off the require ssl module within IIS did the trick.

1. Go to SSL Settings of website
2. Uncheck require SSL checkbox.
3. Apply settings and Restart iis

Answer 4

Edit: So I found this blog post: http://www.meltedbutter.net/wp/?p=231 and gave it a try and voila! Worked like a charm. Not sure why this worked over the rules posted above but in my case the below is working and successfully taking all non-www traffic and redirecting it to both www and https.

<!-- Redirect to HTTPS -->
        <rewrite>
            <rules>
                <rule name="http to https" stopProcessing="true">
                    <match url="(.*)" />
                    <conditions>
                        <add input="{HTTPS}" pattern="^OFF$" />
                    </conditions>
                    <action type="Redirect" url="https://www.domain.com/{R:1}" redirectType="SeeOther" />
                </rule>
            </rules>
        </rewrite>