Using IIS in Windows server 2012 R2.
I have a website which can be reached at url.com and www.url.com.
I have https://url.com set up using https://letsencrypt.org/.
I want to redirect all incomming requests to https://url.com/{path}
That is, it needs to handle
- http://url.com -> https://url.com
- http://url.com/some/thing -> https://url.com/some/thing
- https://www.url.com/something -> https://url.com/something
I added this rewrite rule to the webconfig.
<rewrite>
<rules>
<rule name="HTTP to HTTPS redirect" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="off" ignoreCase="true" />
</conditions>
<action type="Redirect" redirectType="Found" url="https://{HTTP_HOST}/{R:1}" />
</rule>
</rules>
</rewrite>
and this works for any url such as http://url.com/some but if i type in https://www.url.com/s I get an error stating the connection is not secure. This is also the case if I try http://www.url.com
How do i make this work?
Best Answer
You can't avoid requests reaching www.example.com and not getting the error, because redirections happen "after" the SSL has been negotiated, and the client is requesting a name for which you don't have a certificate.
Letsencrypt allows you perfectly to have the same certificate with several names. So you will have to do that to avoid client browsers complaing or mismatched name in certificate.