Reputation: 3716
How to redirect HTTPS IP to domain
I have an asp.net website hosted on IIS 8.5 and I am using the following rule to redirect all traffic to HTTPS:
<rule name="HTTP/S to HTTPS Redirect" enabled="true" stopProcessing="true">
<match url="(.*)" />
<conditions logicalGrouping="MatchAll">
<add input="{SERVER_PORT_SECURE}" pattern="^0$" />
</conditions>
<action type="Redirect" url="https://example.com{REQUEST_URI}" redirectType="Temporary" />
</rule>
This does not work when a user accesses the site using https://192.168.0.3
Your connection is not private
Attackers might be trying to steal your information from 192.168.0.3 (for example, passwords, messages, or credit cards). Learn more
NET::ERR_CERT_COMMON_NAME_INVALID
The SSL installed is for the domain example.com and it seems the request does not reach IIS so I dont have any control over it....? I dont have control over the user to force them to use the domain url.
How do I redirect https:/192.168.0.3 to https://example.com?
Upvotes: 4
Views: 4768
Answers (3)
Reputation: 1192
Given the HTTPS private IP never would have worked (you can't get a valid cert for it), I assume you've got here because you've got a global redirect from http://192.168.0.3 to https://192.168.0.3. Just fix that redirect so it goes from http://192.168.0.3 directly to https://example.com.
Upvotes: 1
Reputation: 35544
What you could do is create another website in IIS and bind the IP address to it. Then in that website either create a single Default.aspx page with a redirect to the correct domain.
<%@ Page Language="C#" %>
<%
Response.Redirect("https://example.com");
%>
Or just a web.config file with the url rewrite
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.webServer>
<rewrite>
<rules>
<rule name="Redirect" stopProcessing="true">
<match url="(.*)" />
<action type="Redirect" redirectType="Permanent" url="https://example.com" />
</rule>
</rules>
</rewrite>
</system.webServer>
</configuration>
Upvotes: -1
Reputation: 731
Trying to SSL secure a local IP url will always end up with a Certificate Error AFAIK
Read this to learn more about it: https://security.stackexchange.com/questions/103524/lets-encrypt-for-intranet-websites
Edit: I don’t know a lot about IIS but found this on this matter, probably it’ll help you solve this: https://blogs.msdn.microsoft.com/robert_mcmurray/2013/11/15/how-to-trust-the-iis-express-self-signed-certificate/
Upvotes: 4
Related Questions
- redirect some domains to https and some to http in IIS
- How to redirect http to https with url rewrite
- IIS 8 Redirect to HTTPS Based on URL Address
- IIS redirect only one domain on SSL
- Asp.net Redirecting from Https to Http
- ASP.NET site. Redirect whole domain from http to https
- redirection http to https asp/iis
- HTTP to HTTPS redirect for only one URL
- how to redirect to same domain from http to https
- IIS, Redirecting and HTTPS