I have a part of my website that uses SSL, and a part that does not. I began having issues recently where the link that takes you to the https part of the site would keep getting rerouted to http. In IIS I have SSL on and required for the members directory, and the certs are all fine. My site is http://mcsd-sc.mcbarons.manheimcentral.org/. I first started by routing the pages directly to the secure part using the <meta http-equiv="refresh" content="0;url=urlgoeshere" /> on a redirect page in the /members directory and this was working perfectly. When my issues started, changed it and made the link just go directly to the members part of the site with the https included in the URL (this is how it is now). Now when you click the link it takes you to the member page without using https, thus throwing an error because I have SSL required on that part of the site. When you look at the code in IE, it just shows the direct link using plain HTTP. When I open the code directly on the server, I see the URL beginning with HTTPS. I've been having a lot of issues lately with updated content not refreshing itself, and rebooting the server does nothing. At this point I'm stumped. I think it might be something in IIS, although I haven't touched it in a long time, unless a recent security update messed it up, which is the only explanation I can think of that would screw it up all of a sudden. The site works perfectly when you manually type https. I thought it might have also been my cache, but I just tried it on a computer that I haven't ever gone to the site on before and I got the same issue.
I am using partially secured pages ( SSL). Now the problem is when I am switching between HTTPS and HTTP, I am losing my session. I tried storing session in Sql Server Database, its still not working. I am using just ONE web server and all pages are in single application.I am using Sql server 2008 ,IIS 7.0, C#.Net 3.5 I created a self signed test certificate to test my application.
I understand that I am losing my session because my urls are changing with https and http but there has to be someway to overcome this problem. I dont want to put unnecessary load on pages which do not have sensitive data by using https.
is it possible to preserve authentication for ASP.NET Forms authentication cookie,btween Http and Https (different domains) and back?I mean haveing single signon for two domains say http://www.mydomain.com and https://members.mydomain.comI've seen on quite asp.net sites that have a 'MyAccount' section they transfer the site to https and then when you have logged into your account successfully and gone back to the majority of the site you move back to http whilst still being logged in.
I developed a simple application running in IIS 6 under an http protocol. for the security purposes our company provide a certificate unfortunately my application is not functioning in https. i can still access it in http...
I'm pretty new at configuring IIS and working with SSL. I've been having difficulty with switching from the HTTPs protocol to the HTTP protocol. I had set a small part of our website to the HTTPS protocol since it has an SSL certificate for online commmerce.
When users go through that part of the site the HTPPS protocol is set and runs fine, but when they try to leave by, say, clicking on a link to another part of the site (after they have visited the secured portion of the site) the HTTPS stays in the url. Is there something I'm doing wrong?
This is how the HTTPS is set on the site: this code is placed in an sslredirect.asp page located in a "SSL" folder:
<% Response.Buffer = True If (Request.ServerVariables("HTTPS") = "off") Then sQ = Request.ServerVariables("QUERY_STRING") sURL = "https" & Right(sQ, (Len(sQ)-8)) sURL = Replace(sURL, ":80", "") Response.redirect(sURL) End if %>
i redirect a page from http to https using http module begin request handler .i am calling webservice using ajax but it is saying webserice not defined .which otherwise works fineits work fine when rediect page in page_load instead .but i need to add function for https to http in every page. i still not know why ajax is not working when i use http module for redirect
I want to redirect http to https. I tried this one,but I have one problem, I have to redirect to another page. The request.url gives the current page, whereas I need to redirect to another page. How do I do that.
As part of a master page template, several sites include a login control. Since the site is served over HTTP, I want the login control, once a successful login has been achieved, to resolve to a portal served over HTTPS.The closest I've seen to achieve this may be here, but I'm not entirely clear on its implementation.Can I get some feedback or suggestions on this?Of course, a simple "Login" link on all pages that point to a login paged served over HTTPS is another solution, but this is not what I'm looking for.
We are planning to move our website to https, which currently running on only http only. Web site is running on IIS7 in Windows 2008 server. Do I need to update/modify any configuration settings in the website to make it work on HTTPS? Is it fine just installing certifictes?
I'm having real trouble redirecting pages from http to https on my live website. Everything is fine on my IDE but as soon as I upload it to my shared web host (123-reg.co.uk) I hit a problem. When I try to redirect to https using Response.Redirect it seems a loop occurs and the request is never carried out.
The code I've tried:
[Code]....
and
[Code]....
Both above methods worked fine in my IDE but not on my live system.
In IE nothing happens but in Firefox the below error is displayed:
"Firefox has detected that the server is redirecting the request for this address in a way that will never complete. "
project is built using ASP.NET MVC 2.0. There're some pages is run under https and the rest run under http. Follow the artical I found on StackOverflow (http://stackoverflow.com/questions/2414327/switching-between-http-and-https-in-asp-net-mvc-1-0 ) :1.For pages that need to run under https I just add the attribute [RequireSSL] for the corresspond action method.2.To force all the rest pages run under http I have overriden OnAuthorization in the base controller:
protected override void OnAuthorization(AuthorizationContext filterContext) { if (!Request.IsAjaxRequest())
On my page load, I need to download a file say http://example.com/file.csv or https://example.com/file.csv to some location on my web server without prompting save as dialog box. Means it will be a download in background from some server to my server. How to do this?
I'm trying to make my website more secured so want to install SSL certificate, for that I've requested a digital certificate from verisign and installed it succesfully in my server(IIS 5.1).
So everything is ready created the virtual directory and now im trying to access my site but now in the url its coming like http:\mysite.com but not https:\mysite.com.
what do we need to do extra other than installing the SSL certificate to convert it form HTTP to HTTPS.
I am creating a website with password-protected pages in it.
I have two type of customer: 1. Free 2. Paid
For paid customers, pages would be rendered over HTTPS whereas for free customer, pages will be rendered over HTTP. However, pages for both types of users would be same (while populating specific information for each user.)
note, the URL for the two users should be same except HTTP/HTTPS part.
I am new to HTTPS and want to know how to achieve this.
I have an application developed on MVC2 but I need it to change from HTTP to HTTPS after authentication. How do I manage that and where do I have to put the code?
I am planning my web url secured by changing it HTTPS. For this i went to IIS and created a CCR and i went to one of the site and i pasted this to generate a free certificate. But it is showing domain already existing. how to create a certificate and to change the link from HTTP to HTTPS.
Be built an MVC application. Some of the pages require being under SSL encryption. Means the whole site need to be broken down to sections (http and https)The immediate solution that comes to my mind is creating two IIS sites (port 80 and 443) and break the application to two sites (public-http and private-https). Since the site is complex, breaking it into two applications will be huge work.What is the easiest way of doing this?Is there any link or article that explains the best practices doing this?