Re: Offloading SSL to other Hardware Problems


Re: Offloading SSL to other Hardware Problems

in order for you to achieve that, you’ll need to configure your shopping cart folder in IIS to the following: –

1. Go to the Properties
2. Click on Directory Security
3. Under “Authentication and access control”, click Edit and clear the checkbox for “Anonymous Access”.
4. Next, under “Secure Communications”, tick the checkbox for “Require secure channel (SSL)” and “Require 128-bit encryption”.

Once you do that, whoever that hit that page will be forwarded to 443 port. The problem is IIS is not smart enough to help you to re-direct from 80 to 443 so you’ll need to re-direct yourself. Follow the steps below: –

1. Create a new ASP file (eg. redirect.asp) and input the contents below:

< %
Data = Request.ServerVariables(“QUERY_STRING”)
URL = Replace(Data, “:80”, “”)
URL = Replace(URL, “:443”, “”)
URL = Replace(URL, “403;”, “”)
If InStr(Data, “403;”)>0 Then
URL = Replace(URL, “http”, “https”)
Else If InStr(Request.ServerVariables(“HTTP_HOST”), “applicationname”)>0 Then
URL = Replace(URL, “404;”, “”)
URL = Replace(URL, “https”, “http”)
End If
End If
response.redirect URL

2. Still under the Properties of your shopping cart folder, go to “Custom Errors”.
3. Select “403;4” HTTP Error code and click Edit.
4. Change the setting so that it point to “redirect.asp” file.
5. Once done, scroll to look for redirect.asp file and right-click on it to select Properties.
6. In redirect.asp Properties dialog, click Custom Errors tab and select 403;4 HTTP Error.
7. Click Edit… and reset error message to system’s default. eg select “File” for Message Type and enter “C:WINDOWShelpiisHelpcommon403-4.htm” into File.
8. Click Apply and go to File Security tab. Click Edit… under Secure communications section and disable the checkbox Require secure channel (SSL)

Hope the above achieve what you want.