So I've finally been able to successfully create an HTTPS website. It is just running the template ASP.NET web project. I have a certificate, and this is added to the ELB (Elastic Load Balancer - classic) in AWS. My environment works in that I can browse to https://www.mvc.cloudy-skies.org and it is secure. That's awesome! However, two issues remain:
1 - you can still just browse to http:// and it works. Not ideal.
2 - I have Azure AD authentication via OWIN middleware. This works great, but despite specifying HTTPS in the redirect URL after sign in, I am redirected back to the HTTP version of the site.
Can anyone help here please? I'm at a loss. This is how I have the listeners configured on the Elastic Beanstalk environment (Load Balancer)
I have tried adding redirects into the Web.Config (e.g.)
<!--<rewrite>
  <rules>
    <rule name="Redirect to HTTPS" enabled="true" stopProcessing="true">
      <match url="(.*)" />
      <conditions>
        <add input="{HTTP_X_FORWARDED_PROTO}" pattern="https" negate="true" />
        <add input="{REMOTE_HOST}" pattern="localhost" negate="true" />
        <add input="{REMOTE_ADDR}" pattern="127.0.0.1" negate="true" />
        <add input="{HTTP_HOST}" pattern="localhost" negate="true" />
      </conditions>
      <action type="Redirect" url="https://{HTTP_HOST}/{R:1}" redirectType="Permanent" />
    </rule>
  </rules>
</rewrite>-->
However, this causes the Elastic Beanstalk deployment to fail on update, due to the fact that the health check fails. I have even tried creating a basic HTML page in the root of the solution and using that for health checks but it still fails. Something about specifying the redirect in the web.config does not play well.
Surely this is really simple to force the user to conform to HTTPS?
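One way to keep the redirect rule from the question while letting the load balancer's health check pass, as an added example that is not part of the original post. It assumes the Classic ELB health check reaches the instance directly over HTTP, without an `X-Forwarded-Proto` header and with a `User-Agent` beginning `ELB-HealthChecker`, and that the health check is pointed at a static page; the file name `healthcheck.html` is hypothetical.

```xml
<!-- Added example: place inside <system.webServer> in Web.config.
     Requires the IIS URL Rewrite module. -->
<rewrite>
  <rules>
    <!-- Rule 1: let the ELB health check through untouched.
         The exemption is limited to one static page (hypothetical name),
         because User-Agent is client-controlled and must not exempt the
         whole site from the HTTPS redirect. -->
    <rule name="Allow ELB health check" stopProcessing="true">
      <match url="^healthcheck\.html$" />
      <conditions>
        <add input="{HTTP_USER_AGENT}" pattern="^ELB-HealthChecker" />
      </conditions>
      <!-- No rewrite or redirect; stopProcessing keeps rule 2 from running -->
      <action type="None" />
    </rule>

    <!-- Rule 2: everything else that did not arrive at the ELB over HTTPS
         is redirected. The ELB sets X-Forwarded-Proto to the protocol the
         client used on the listener. -->
    <rule name="Redirect to HTTPS" enabled="true" stopProcessing="true">
      <match url="(.*)" />
      <conditions logicalGrouping="MatchAll">
        <add input="{HTTP_X_FORWARDED_PROTO}" pattern="^https$" negate="true" />
        <!-- Keep local development on http://localhost working -->
        <add input="{HTTP_HOST}" pattern="localhost" negate="true" />
      </conditions>
      <action type="Redirect" url="https://{HTTP_HOST}/{R:1}" redirectType="Permanent" />
    </rule>
  </rules>
</rewrite>
```

`X-Forwarded-Proto` is only trustworthy when the instance accepts traffic from the load balancer alone, so the instance security group should allow inbound HTTP only from the ELB's security group.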
I find it best to add a CloudFront Distribution, with "Redirect HTTP to HTTPS" set. CloudFront terminates the TLS session with your cert, then talks to your Elastic Beanstalk's ELB using HTTP, though public internet users are automatically redirected to the HTTPS endpoint.
This can be achieved following these steps: