HTTP to HTTPS Redirect - URL Rewrite

    Applies to:
  • Legacy SecureAuth IdP
Deployment model:
  • On Premises
  • SecureAuth IdP Version Affected: All



    If a user connects using port 80 (http) to a realm that it secured with SSL, it will throw a 403.4 Forbidden error. This guide will help you create a rule within URL Rewrite that automatically redirects all http requests to https.


    Create a rule with URL Rewrite within IIS that redirects all http requests to https for all realms. 

    If you don't have the URL Rewrite extension, you can download it right here. The first thing we need to do is open IIS Manager. Expand "Sites," then select "Default Web Site." Double click the URL Rewrite module to open it. Follow the steps below to configure the rule.


    1. Click "Add Rule(s)"



    2. Select "Blank Rule" under Inbound Rules.



    3. Set the name of the rule (1), Set the Match URL to use Wildcards (2), Set the Pattern to * (3), Set the Logical Grouping to "Match Any" (4), Add the condition that is highlighted (5).



    4. On the rule, set the action type to "Redirect", and fill out the rest of the settings exactly like the picture below. Click apply afterwards.



    5. Lastly, any realm that you want to utilize this rule must have "Require SSL" turned off. You can do this by going to any realm, clicking on SSL Settings, and removing the check mark from the "Require SSL" box.





    0 out of 0 found this helpful


    1 comment
    • If the Pattern * does not work, or gives you an error with an invalid reference, try the pattern ^(.*)$

      Comment actions Permalink

    Please sign in to leave a comment.