IIS TOMCAT REDIRECTOR SSL HOW TO -- iis security

John McClain
9/30/2004 4:00:25 PM

HER IS THE SCENARIO:
We have a jsp webapp that uses Tomcat
We have an isapi_redirector to redirect requests for JSP pages to tomcat
We have a virtual directory in IIS under the default web site that points to
our web app root dir
We have a SSL certificte available for use
We have an ASP page that we are using to redirect http://localhost/Acuity
(the initial web app call) to
https://localhost/Acuity/Index.jsp. as per HOW TO: Use ASP to Force SSL
for Specific Pages
http://support.microsoft.com/default.aspx?scid=kb;en-us;239875

QUESTIONS (forIIS6.):
1) How do we apply the certificate to our virtual directory and require a
secure channel.? We have tried and tried, but only seem to be able to apply
it to the Default Web Site. In Fact, the virtual directory doesn't even
allow us to run through the Server Certificate dialogue - the button is
diabled. It is enabled on the defaul web site.

2) How do we insure that a http:/localhost/Acuity request gets redirected to
our asp page that in turn redirects
to our web apps' index.jsp page? The document above says that we set the
custom error for 403.4 (Secure Channel Required error) to redirect to the
asp page. We do this, but IIS gives a 404 error - can't find the page

Ken Schaefer
10/1/2004 10:12:24 AM

Hi,

Please see the response in the .inetserver.iis group

If you wish to post to multiple groups, put both the names in the "to:"
field of your newsclient. In that case, everyone in both groups can see all
the answers submitted.

Cheers
Ken

[quoted text, click to view]

iis security : IIS TOMCAT REDIRECTOR SSL HOW TO