SSL – Removed SSL Cert: Need to redirect HTTPS to HTTP – IIS6

iis-6 networking ssl windows-server-2003

I'm running on a Windows 2K3 server with IIS 6.

Due to some issues, I'd like to remove the SSL binding, and have traffic redirected to HTTP.

Where this becomes a problem is when a client tries to connect over HTTPS: there's nothing on port 443, so it gets a Cannot_Connect error instead of a 404. My thought is that this occurs before IIS. Is there a way to catch and redirect this error without having to leave the binding and just do a simple IIS redirect? I'm removing the cert to resolve a security problem (it needs to be done quickly because the server is being migrated and the security team wants a remediation for a vulnerability with the cert), so I don't want to keep the cert around.

Thanks!

Best Answer

Unfortunately, you need to have something listening on port 443 to be able to have an HTTPS request redirected to HTTP. Also, the SSL handshake, including the server sending its SSL certificate, has to take place before the client can send its HTTPS request.

When using HTTPS (SSL), everything is encrypted, including the URL containing the HTTPS request.
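
The ordering described in the answer, shown on loopback as an added example (not part of the original answer): a port with no listener refuses the TCP connection outright, and a listener with no certificate receives a TLS ClientHello rather than an HTTP request it could answer with a redirect. The hostname `example.test`, the `/login` path and all function names are constructed for illustration.

```python
import socket, ssl, threading

def closed_port_error() -> str:
    """Connect to a loopback port with no listener; return the exception name."""
    probe = socket.socket()
    probe.bind(("127.0.0.1", 0))
    port = probe.getsockname()[1]
    probe.close()                          # nothing listens on this port now
    try:
        socket.create_connection(("127.0.0.1", port), timeout=2).close()
    except OSError as exc:
        return type(exc).__name__
    return "connected"

def first_bytes_at_listener(tls_client: bool) -> bytes:
    """Return the first bytes a certificate-less TCP listener receives."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    seen = []
    def serve():
        conn, _ = srv.accept()
        with conn:                         # read once, then close without replying
            seen.append(conn.recv(64))
    worker = threading.Thread(target=serve)
    worker.start()
    raw = socket.create_connection(srv.getsockname(), timeout=2)
    try:
        if tls_client:
            ctx = ssl.create_default_context()
            ctx.check_hostname = False     # no certificate will ever be presented
            ctx.verify_mode = ssl.CERT_NONE
            ctx.wrap_socket(raw, server_hostname="example.test")  # sends ClientHello, then fails
        else:
            raw.sendall(b"GET /login HTTP/1.1\r\nHost: example.test\r\n\r\n")  # constructed request
    except OSError:                        # ssl.SSLError is a subclass of OSError
        pass
    raw.close()
    worker.join()
    srv.close()
    return seen[0]

def is_client_hello(data: bytes) -> bool:
    """TLS record type 0x16 (handshake), major version 3, handshake type 1."""
    return len(data) >= 6 and data[0] == 0x16 and data[1] == 0x03 and data[5] == 0x01

if __name__ == "__main__":
    print(closed_port_error(), first_bytes_at_listener(True)[:6].hex())
```

The HTTPS client never sends its `GET` line to the certificate-less listener, because the handshake has to complete first.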