This tutorial will show you how to configure your website in IIS 10 so that all incoming http://
links to the site will be redirected to their secure https://
versions.
These instructions assume that you’ve already taken the following steps with the site:
- Download and install the IIS URL Rewrite module, then launch IIS Manager.
- Select the website you want to apply redirection to, then double-click URL Rewrite.
- Click Add Rule(s)…
- Select Blank rule in the Inbound rules section, then click the OK button.
- Give your redirect an easy-to-remember name.
- In the Matched URL section:
- Set Requested URL: to
Matches the Pattern
. - Set Using to
Regular Expressions
. - Enter
(.*)
as the Pattern. - Check Ignore case.
- Set Requested URL: to
- Scroll down to Conditions and expand the section if necessary. Select
Match All
for Logical grouping, then click the Add… button. - A dialog box will open:
- Type
{HTTPS}
in the Condition input field. - Set Check if input string to
Matches the Pattern
. - Type
^OFF$
in the Pattern field. - Check Ignore case.
- Click the OK button.
- Type
- You should now see your condition in the list.
- Scroll down to the Action section and enter these settings:
- Select
Redirect
as the Action type. - Type
https://{HTTP_HOST}/{REQUEST_URI}
in the Rewrite URL field. - Uncheck
Append query string
. - Set Redirect type to
Permanent (301)
.
- Select
- Click Apply in the right-hand Actions menu.
- You can now check your redirect in a web browser. If there are any problems, you can check the site’s
web.config
file to make sure it contains the correct information. In IIS Manager, right-click your site and choose Explore from the menu. - Confirm that the file
web.config
exists, then open it in a text editor. - Verify that
web.config
contains the following text. If necessary you can create and/or modify this file:
<?xml version="1.0" encoding="UTF-8"?> <configuration> <system.webServer> <rewrite> <rules> <rule name="HTTPS Redirect" stopProcessing="true"> <match url="(.*)" /> <conditions> <add input="{HTTPS}" pattern="^OFF$" /> </conditions> <action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" appendQueryString="false" /> </rule> </rules> </rewrite> </system.webServer> </configuration>
SSL.com provides a wide variety of SSL/TLS server certificates for HTTPS websites.