So I have been trying to rewrite using the following:

<rules>
  <rule name="HttpToHttps" stopProcessing="true"/>
    <match url="(.*)"/>
    <conditions>
      <add input="{HTTPS}" pattern="off" ignoreCase="true"/>
    </conditions>
    <action type="Redirect" url="https://{HTTP_HOST}{URL}"/>
  </rule>
<rules>

In two environments, this redirects like it should. In a third environment, it doesn't work. It doesn't work in the sense of, looking at a fiddler log, I see the http call with the full url. When it redirects to https, it removes everything after the HTTP_HOST.

So using the following url:

nonsecure://www.mysite.com/page.aspx?var1=1&var2=2

In two environments, it becomes

secure://www.mysite.com/page.aspx?var1=1&var2=2

In the third it becomes:

secure://www.mysite.com

I tried rewriting it as https://{HTTP_HOST}{HTTP_URL} and that doubled the {URL} in the first two environments:

secure://www.mysite.com/page.aspx?var1=1&var2=2&var1=1&var2=2

I'm not very experienced with web.configs, kinda learning as I go, so if anyone has any input as to what's going on here, it would be greatly appreciated. If it has any bearing on anything, the third environment is on two servers that are load balanced.

Ruslany has several IIS URL Rewrite examples on his blog, HTTP to HTTPS is one of them:

<rule name="Redirect to HTTPS" stopProcessing="true">
  <match url="(.*)" />
  <conditions>
    <add input="{HTTPS}" pattern="^OFF$" />
  </conditions>
  <action type="Redirect" url="https://{HTTP_HOST}/{R:1}" redirectType="Permanent" />
</rule>

See http://ruslany.net/2009/04/10-url-rewriting-tips-and-tricks/ for more.