Redirecting Non-HTTPS Traffic to HTTPS for SharePoint 2007
Like any sensible SharePoint 2007 deployment, I’m keeping the one I am working on currently currently strictly HTTPS (SSL). The reason for this is that we have opened up the SharePoint deployment to the web. Not a public facing web with anonymous access for internet users, but accessible without VPN on the web for our field employees to use.
One of the problems I have faced up until now is that when SharePoint is configured for HTTPS connections the Non-HTTPS connections are dropped and faced with a 404 Not Found error, the least helpful of all HTTP error codes.
Struggling for a solution to such a simple request Ã¢â‚¬â€œRedirect non-secured traffic to the secure protocol I searched online and found after a little digging this helpful article from a SharePoint blog at http://www.os.com/blog/capture-and-redirect-http-to-https-with-sharepoint-2007/. Here’s the crux of it:
- Configure the SharePoint AAM (Alternate Address Mapping) so that HTTPS is the default protocol for the public URL.
- Edit the IIS Site for SharePoint and either change the HTTP port to a random number, or do as I did and delete the binding for the HTTP port.
- Create a New IIS Site called SharePoint Redirect
- Assign the New Site to HTTP on Port 80
- Add a Host Header to the New Site Matching the URL of the Site (Eg. sharepoint.company.com)
- Using HTTP Redirects, Create a Permanent (HTTP 301) to the HTTPS URL of the SharePoint deployment.
PS: Don’t forget to allow HTTP and HTTPS through the external firewall though otherwise users will never hit the redirect rule.