Home/ Questions/Q 7438813
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-29T10:36:43+00:00

Using the ‘bindings’ feature of IIS7, I added an SSL certificate at the root

  • 0

Using the ‘bindings’ feature of IIS7, I added an SSL certificate at the root of my website to ‘https’ (port 443). Then, I required an SSL connection for a specific directory, ‘/secure-directory/’. I can now redirect to this directory by explicitly linking to the https address: https://www.mysite.com/secure-directory/. The problem is that /secure-directory/ is the only directory I want to use SSL, and it contains navigation links which are now maintaining the https prefix, so my ‘Home’ link now directs to https://www.mysite.com instead of http://www.mysite.com.

What is the ideal way to preserve the http prefix for links in the /secure-directory/? I have the IIS7 URL Rewrite module so if someone can share an outbound rule, that would be much appreciated. Otherwise, I would like to know if I’m going about this entirely the wrong way, or of there is a better solution than a rewrite rule. Thanks.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Thanks for the replies. I considered implementing the global.asax and module solutions, but what ended up working best for my needs was an outbound rewrite rule. I may revisit this at a later date and re-evaluate my situation, but for now, this is what I’m using (with the 1860 port removed for production):

    <rule name="ForceHttpsToHttp" preCondition="ResponseIsHtml1">
    <match filterByTags="A, Img" pattern="^(?!.*javascript).*$" />
        <conditions>
            <add input="{HTTPS}" pattern="ON" />
            <add input="{SERVER_PORT}" pattern="443" />
        </conditions>
    <action type="Rewrite" value="http://{HTTP_HOST}:1860{R:0}" />
</rule>

    (The pattern prevents rewriting on server-side click events, whereas (.*) would rewrite and break them)

    • 0