IIS7 : HOW TO force a website to use SSL?

I have written about how to configure a website for HTTPS here.  In this post, I will explain how to force HTTPS for any website.

1. Open IIS7 Manager UI.

2. Expand the Web Sites in the Connections pane and select the Web site.

3. In the Features View, double click on the “SSL Settings”.

4. You will see the check box to force SSL on this website and click on "Apply" in the Actions pane.

Select the Client certificates options at your need of the website. That's it. We now force the HTTPS browsing for that website. Now, if the user tries to browse the website over HTTP, he will be getting 403.4 Forbidden error message.

Again, I am writing this simple HOW TO articles for IIS 7 to just make any IIS 7 beginner getting little more comfort in the IIS 7 UI because for any user who is most used to the IIS5/5.1/6 UI - seeing the new IIS7 UI for the first time, doing simple things like this seems pretty complex (as it did to me).

Comments

• Anonymous
  September 11, 2008
  Is there a way to force a redirect to the https site?  For example, if people go to www.capitoltechsolutions.com, it current comes up with the 403.4 error. I would rather have it come up as https://www.capitoltechsolutions.com.  I tried forwarding the address to the SSL site but to no avail. Is it possible to do that?

• Anonymous
  September 12, 2008
  You can do that by doing a redirection for the site, or by following steps as appropriate from http://support.microsoft.com/kb/839357/en-us. But this isn't just only the way to do it, there are plenty available too.

• Anonymous
  October 03, 2008
  As the title sounds, here I’m going to discuss a very simple feature of IIS7 which has one additional

• Anonymous
  October 03, 2008
  As the title sounds, here I’m going to discuss a very simple feature of IIS7 which has one additional