If you get "Secure Channel Required", then the URL for the custom error is
still configured to require SSL when you do not want it to be.

What you need to do is:
1. Enable "Require SSL" for the vdirs that you need to force SSL
2. Configure the 403.4 custom error effective for the URLs under #1 to point
to another URL that will execute your Custom Error redirector page that
sends a 302 redirection to the appropriate HTTPS version
3. Disable "Require SSL" for the Custom Error redirector page in #2

#1 forces all non-SSL requests to get the 403.4 custom error. #3 allows the
non-SSL requests to execute the Custom Error redirector page of #2 to send
the redirection.


BTW, your code is incorrect. The redirect URL is invalid. This should be all
you need (if you want to get fancier, you can read the querystring to locate
the original URL, and redirect to the HTTPS version of the original URL).

<%
If Request.ServerVariables("SERVER_PORT")=80 Then
Dim strSecureURL
strSecureURL = "https://"
strSecureURL = strSecureURL &
Request.ServerVariables("SERVER_NAME")
Response.Redirect strSecureURL
End If
%>

--
//David
IIS
http://blogs.msdn.com/David.Wang
This posting is provided "AS IS" with no warranties, and confers no rights.
//
[quoted text, click to view]
Thanks for the advice and please excuse my ignorance but I am having trouble
creating the correct page with the correct scripting.

I have tried the advice in MS KB Article 555126 and used the script below in
a virtual directory under the site I am configuring. I removed the "Require
SSL" from the directory and changed the Error page to point to the virtual
directory page. This did not work. I received "Secure Chanel Required" error

<%
If Request.ServerVariables("SERVER_PORT")=80 Then
Dim strSecureURL
strSecureURL = "https://"
strSecureURL = strSecureURL &
Request.ServerVariables("SERVER_NAME")
strSecureURL = strSecureURL & "https://www.bcmclaims.com"
Response.Redirect strSecureURL
End If
%>

I also tried:

<% if (String(Request.ServerVariables("httpS")) == "off")
Response.redirect("https://www.bcmclaims.com"); %>

Also I forgot to add that I am hosting a Dotnetnuke Site but I really don't
think it matters because the SSL works perfect I just cant get it to
redirect.

Thanks again.


[quoted text, click to view]

I have a similar yet different problem. I need help.

I have a website that I need SSL on the whole website.
I have created the website in IIS 5 and have added the SSL certificate and
turned it on.

I have set a custom redirect for 403.4.htm
If I type http://www.mydomain.com using IE 6 I get a 403.htm error
If I use firefox the redirect works every time.

If I type in https://www.mydomain.com/ I get the correct page for both
firefox and IE

I would appreciate knowing why I have this problem.

regards,
Mark

Hi,

the redirect custom error points to a file that I placed into the same
folder as 403.4.htm
The file is called redirect.htm
This is causing serious problems as I cannot launch my site unless I can get
IE support.

regards,
mark


[quoted text, click to view]

I cannot reproduce your issue. I set up IIS5 and configured "require SSL",
and when I type http://www.mydomain.com using IE6 I get the 403.4 error page
and redirected accordingly.

Is your 403.4 custom error page defined as an URL or a file?

Because if it is an URL and that URL is also in this website and requires
SSL... then you will get a 403 every time (client used HTTP to request an
URL that requires SSL, so IIS executes 403.4 custom error. But that custom
error tells IIS to execute another URL which also requires SSL -- which
obviously won't work since client used HTTP -- so IIS sends back a generic
403 instead).

I'm not certain how FireFox can make this situation work legitimately. Maybe
it is an undocumented FireFox "feature".

--
//David
IIS
http://blogs.msdn.com/David.Wang
This posting is provided "AS IS" with no warranties, and confers no rights.
//
[quoted text, click to view]
I have a similar yet different problem. I need help.

I have a website that I need SSL on the whole website.
I have created the website in IIS 5 and have added the SSL certificate and
turned it on.

I have set a custom redirect for 403.4.htm
If I type http://www.mydomain.com using IE 6 I get a 403.htm error
If I use firefox the redirect works every time.

If I type in https://www.mydomain.com/ I get the correct page for both
firefox and IE

I would appreciate knowing why I have this problem.

regards,
Mark

Can you answer David's question? Did you setup the custom error as a file
type or URL type?

Cheers
Ken

--
IIS Blog: www.adopenstatic.com/cs/blogs/ken/
Web: www.adopenstatic.com


[quoted text, click to view]
: Hi,
:
: the redirect custom error points to a file that I placed into the same
: folder as 403.4.htm
: The file is called redirect.htm
: This is causing serious problems as I cannot launch my site unless I can
get
: IE support.
:
: regards,
: mark
:
:
[quoted text, click to view]
: >I cannot reproduce your issue. I set up IIS5 and configured "require
SSL",
: > and when I type http://www.mydomain.com using IE6 I get the 403.4 error
: > page
: > and redirected accordingly.
: >
: > Is your 403.4 custom error page defined as an URL or a file?
: >
: > Because if it is an URL and that URL is also in this website and
requires
: > SSL... then you will get a 403 every time (client used HTTP to request
an
: > URL that requires SSL, so IIS executes 403.4 custom error. But that
custom
: > error tells IIS to execute another URL which also requires SSL -- which
: > obviously won't work since client used HTTP -- so IIS sends back a
generic
: > 403 instead).
: >
: > I'm not certain how FireFox can make this situation work legitimately.
: > Maybe
: > it is an undocumented FireFox "feature".
: >
: > --
: > //David
: > IIS
: > http://blogs.msdn.com/David.Wang
: > This posting is provided "AS IS" with no warranties, and confers no
: > rights.
: > //
[quoted text, click to view]
: > I have a similar yet different problem. I need help.
: >
: > I have a website that I need SSL on the whole website.
: > I have created the website in IIS 5 and have added the SSL certificate
and
: > turned it on.
: >
: > I have set a custom redirect for 403.4.htm
: > If I type http://www.mydomain.com using IE 6 I get a 403.htm error
: > If I use firefox the redirect works every time.
: >
: > If I type in https://www.mydomain.com/ I get the correct page for both
: > firefox and IE
: >
: > I would appreciate knowing why I have this problem.
: >
: > regards,
: > Mark
: >
: >
: >
: >
:
:

The answer is file.

I do say that in my reply.

I have correctly set the 403.4 custom error to point to a FILE in the same
folder called redirect.htm
I'm stuck, the 403.htm error is happening to friends who are testing.

If you reboot and use IE the first time it works, after this you get the
403.htm error.

mark

[quoted text, click to view]

What is the content in your redirect.htm to do the redirection. Is it static
file or dynamic script. A couple posts back, you mentioned some ASP script
code as the 403.4 custom error.

With a static file, you are doing a fixed redirect (can never redirect to
the HTTPS version of the URL itself).

--
//David
IIS
http://blogs.msdn.com/David.Wang
This posting is provided "AS IS" with no warranties, and confers no rights.
//
[quoted text, click to view]
The answer is file.

I do say that in my reply.

I have correctly set the 403.4 custom error to point to a FILE in the same
folder called redirect.htm
I'm stuck, the 403.htm error is happening to friends who are testing.

If you reboot and use IE the first time it works, after this you get the
403.htm error.

mark

[quoted text, click to view]

If you are using an ASP page, it needs to be of type "URL" not "File"

Additionally, you need to ensure that "Require SSL" is *not* set for the
custom error page (because the error page can not be loaded at all if you
require SSL for that as well).

Cheers
Ken

--
IIS Blog: www.adopenstatic.com/cs/blogs/ken/
Web: www.adopenstatic.com


[quoted text, click to view]
: The answer is file.
:
: I do say that in my reply.
:
: I have correctly set the 403.4 custom error to point to a FILE in the same
: folder called redirect.htm
: I'm stuck, the 403.htm error is happening to friends who are testing.
:
: If you reboot and use IE the first time it works, after this you get the
: 403.htm error.
:
: mark
:
[quoted text, click to view]
: > Can you answer David's question? Did you setup the custom error as a
file
: > type or URL type?
: >
: > Cheers
: > Ken
: >
: > --
: > IIS Blog: www.adopenstatic.com/cs/blogs/ken/
: > Web: www.adopenstatic.com
: >
: >
[quoted text, click to view]
: > : Hi,
: > :
: > : the redirect custom error points to a file that I placed into the same
: > : folder as 403.4.htm
: > : The file is called redirect.htm
: > : This is causing serious problems as I cannot launch my site unless I
can
: > get
: > : IE support.
: > :
: > : regards,
: > : mark
: > :
: > :
[quoted text, click to view]
: > : >I cannot reproduce your issue. I set up IIS5 and configured "require
: > SSL",
: > : > and when I type http://www.mydomain.com using IE6 I get the 403.4
: > error
: > : > page
: > : > and redirected accordingly.
: > : >
: > : > Is your 403.4 custom error page defined as an URL or a file?
: > : >
: > : > Because if it is an URL and that URL is also in this website and
: > requires
: > : > SSL... then you will get a 403 every time (client used HTTP to
request
: > an
: > : > URL that requires SSL, so IIS executes 403.4 custom error. But that
: > custom
: > : > error tells IIS to execute another URL which also requires SSL --
: > which
: > : > obviously won't work since client used HTTP -- so IIS sends back a
: > generic
: > : > 403 instead).
: > : >
: > : > I'm not certain how FireFox can make this situation work
legitimately.
: > : > Maybe
: > : > it is an undocumented FireFox "feature".
: > : >
: > : > --
: > : > //David
: > : > IIS
: > : > http://blogs.msdn.com/David.Wang
: > : > This posting is provided "AS IS" with no warranties, and confers no
: > : > rights.
: > : > //
[quoted text, click to view]
: > : > I have a similar yet different problem. I need help.
: > : >
: > : > I have a website that I need SSL on the whole website.
: > : > I have created the website in IIS 5 and have added the SSL
certificate
: > and
: > : > turned it on.
: > : >
: > : > I have set a custom redirect for 403.4.htm
: > : > If I type http://www.mydomain.com using IE 6 I get a 403.htm error
: > : > If I use firefox the redirect works every time.
: > : >
: > : > If I type in https://www.mydomain.com/ I get the correct page for
both
: > : > firefox and IE
: > : >
: > : > I would appreciate knowing why I have this problem.
: > : >
: > : > regards,
: > : > Mark
: > : >
: > : >
: > : >
: > : >
: > :
: > :
: >
: >
:
: