Menu
When I added the URL rewrite code in web.config and then publish it into azure. it will automatically redirects to https even I am trying to access website with http.
<rewrite> <rules> <rule name="Redirect to https"> <match url="(.*)"/> <conditions> <add input="{HTTPS}" pattern="Off"/> </conditions> <action type="Redirect" url="https://{HTTP_HOST}/{R:1}"/> </rule> </rules> </rewrite> But when I run the same code in my local machine it gives the below error.
This site can’t provide a secure connection
How can I resolve the above error when I run the above code in my local machine?
589
The “This site can't provide a secure connection” error indicates a problem with the SSL certificate. In other words, the site is claiming to be HTTPS-compliant, but either it's not providing a certificate, or using an invalid one.
If you already have the correct date & time, it's time to clear Chrome's cache and cookies. To do so, press Ctrl + Shift + Delete and erase your browsing data. Even if this hasn't fixed the “This site can't provide a secure connection” error, we recommend clearing your browsing data on a regular basis.
What I do personally is put that rewrite configuration into Web.Release.config precisely because it is a bit fiddly to get it working locally.
The problem is that IIS Express will expose HTTP and HTTPS on different ports, so if you redirect from http://localhost:1234 to https://localhost:1234, it simply won't work, because IIS Express is exposing HTTPS on something like https://localhost:44300.
You can enable SSL/TLS on IIS Express (and you should), but I would leave the rewrite rule only for Release mode.
Here is an example Web.Release.config file:
<?xml version="1.0"?> <configuration xmlns:xdt="http://schemas.microsoft.com/XML-Document-Transform"> <system.web> <compilation xdt:Transform="RemoveAttributes(debug)" /> </system.web> <system.webServer> <rewrite xdt:Transform="Insert"> <rules> <!-- Redirects users to HTTPS if they try to access with HTTP --> <rule name="Force HTTPS" stopProcessing="true"> <match url="(.*)"/> <conditions> <add input="{HTTPS}" pattern="^OFF$" ignoreCase="true"/> </conditions> <action type="Redirect" url="https://{HTTP_HOST}/{R:1}" redirectType="Permanent"/> </rule> </rules> <outboundRules> <!-- Enforces HTTPS for browsers with HSTS --> <!-- As per official spec only sent when users access with HTTPS --> <rule xdt:Transform="Insert" name="Add Strict-Transport-Security when HTTPS" enabled="true"> <match serverVariable="RESPONSE_Strict_Transport_Security" pattern=".*" /> <conditions> <add input="{HTTPS}" pattern="on" ignoreCase="true" /> </conditions> <action type="Rewrite" value="max-age=31536000" /> </rule> </outboundRules> </rewrite> </system.webServer> </configuration> Note that I also add HSTS here. It inserts the <rewrite> element into Web.config in Release mode. The <system.webServer> element already exists in Web.config, otherwise I would be inserting that.
69
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
