Get Help:Ask a Question in our Forums|Report a Bug|More Help Resources
Last post Nov 13, 2012 04:16 PM by jprochazka
Oct 22, 2012 03:36 PM|LINK
I have an app that is on a HTTP link. Now i have been requested to change that to HTTPS. I never do this before so i started to read some
info but to save time i want to ask here: Its some advice that anyone could give about this topic?
Its all IIS configuration or should i change something on my code?
Thanks in advance.
Oct 22, 2012 03:50 PM|LINK
Its all IIS configuration
or should i change something on my code?
If you have url's in your html code(i.e, style sheets,js links etc), c# code with http then change it to https after you configure the IIS
Oct 22, 2012 03:58 PM|LINK
No server side configuration is necessary just make sure https is enabled for the site in IIS.
You can easily force https using the application's Global.asax file by adding the following code in the "Application_BeginRequest" method. This code will change any remote request from a http request to an https request however you will still be able to
develop locally and requests to localhost will not be forced to use https.
protected void Application_BeginRequest(Object sender, EventArgs e)
if (HttpContext.Current.Request.IsSecureConnection.Equals(false) && HttpContext.Current.Request.IsLocal.Equals(false))
Response.Redirect("https://" + Request.ServerVariables["HTTP_HOST"] + HttpContext.Current.Request.RawUrl);
Protected Sub Application_BeginRequest(sender As [Object], e As EventArgs)
If HttpContext.Current.Request.IsSecureConnection.Equals(False) AndAlso HttpContext.Current.Request.IsLocal.Equals(False) Then
Response.Redirect("https://" + Request.ServerVariables("HTTP_HOST") + HttpContext.Current.Request.RawUrl)
Oct 23, 2012 06:53 AM|LINK
To enable HTTPS/SSL on your ASP.NET web application, I think the most work to do is at IIS side. You will need to add the HTTPs binding (with SSL certificate) in the IIS website (where your ASP.NET web app is deployed) and make sure your web app's virtual
directory is also using https.
#How to Set Up SSL on IIS 7
And in case you might need to do some code to programmmtically switch between HTTPS and plain HTTP for page navigation, you can take a look at the following web articles:
#Switching Between HTTP and HTTPS Automatically
#How to use HTTPS in an ASP.Net Application
If there are WCF services in your ASP.NET web applications, then things get much more complicated. In addition to the IIS side configuration, you need to also adjust your WCF service's configuration so as to make sure it support HTTPS (for transport security)
or simply ignore it if you do not want your WCF service to use HTTPS.
#Transport Security Overview
#Hosting WCF 4.0 Service on IIS 7.5 with SSL
Oct 31, 2012 03:08 PM|LINK
Sorry for my late responce, but i have been kinda busy latelly.
In fact there are plenity of WCF services. And this application need to be run both on HTTP and HTTPS. So i think i ll have to make a project that controls the creation of the object
depending on context that is required. Any idea will be welcome.
Nov 12, 2012 12:01 PM|LINK
I think im going make all the app to run on HTTPS. Its going to be a problem to redirect the old HTTP site the new HTTPS site?
Nov 13, 2012 04:16 PM|LINK
Not if you use the code I posted above.