locked
302 redirect doesn't work after migrating the site RRS feed

  • Question

  • User553482002 posted

    I need to migrate a website from one server to another.  Both servers are Windows 2008 R2. 

    The website has 302 redirect in place to https://<domain.com>

    When I migrated the site:
    1) Copied the site over to new web server, set it up on IIS

    2) Exported the SSL cert from old server in .pfx format, and then imported it to the new IIS server

    3) Stop the site and removed its IP from older server.  Migrated the site IP from old server to new server

    4) Bind the IP on the new server to the migrated site, https and http

    5) When browse the migrated site by browsing http://<domain.com> it doesn't redirect me to https, I doubled check the Error Pages on that site, it has 403.4 = responds with a 302 redirect absolute URL https://<domain.com>     So, this setting is just the same as with on the old server

    If I go to https://<domain.com> directly, i get a warning on Chrome saying the site is not private ... something like that.  I didn't get such thing when the site was at the old server.  

    It looks like the export/import SSL cert doesn't work correctly on the new web server.
    Any idea?

    Thanks!

    Thursday, April 14, 2016 9:25 PM

Answers

All replies

  • User-1122936508 posted

    5) When browse the migrated site by browsing http://<domain.com> it doesn't redirect me to https,

    Please look in the IIS logfile and post the entries related to this request that you're making.

    If I go to https://<domain.com> directly, i get a warning on Chrome saying the site is not private ... something like that.

    It would help if you posted the exact error message, not "something like that"

    It's hard to work out the root cause of the problem without precise information. Thanks.

    Friday, April 15, 2016 12:21 AM
  • User553482002 posted

    Hi Ken,

    I'll see what I get in the IIS log and post out later.  In the meantime, I discovered in the server event log, there are a lot of warning for

    SSL Certificate Settings deleted for Port : <IP_of_copied_Site>:443 .

    SSL Certificate Settings created by an admin process for Port : <IP_of_copied_Site>:443 

    I googled the error and found posts suggested to delete property id 5506 from the applicationHost.config file.  I cannot find the 5506 property ID from the applicatonHost.config file on the new IIS server

    Monday, April 18, 2016 7:19 PM
  • User553482002 posted
    #Fields: date time s-sitename s-computername s-ip cs-method cs-uri-stem cs-uri-query s-port c-ip cs-version cs(User-Agent) cs(Cookie) cs(Referer) cs-host sc-status sc-substatus sc-win32-status sc-bytes cs-bytes time-taken
    2016-04-18 19:44:12 W3SVC2 WebServer <siteIP> GET / - 80 x.x.x.146 HTTP/1.1 Mozilla/5.0+(Windows+NT+6.1;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/49.0.2623.110+Safari/537.36 ASP.NET_SessionId=j0m1v0iuhiabyhotkjguc2pn - <siteURL> 302 0 0 402 435 811
    2016-04-18 19:44:15 W3SVC2 WebServer <siteIP> GET /Login.aspx ReturnUrl=%2f 80 x.x.x.146 HTTP/1.1 Mozilla/5.0+(Windows+NT+6.1;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/49.0.2623.110+Safari/537.36 ASP.NET_SessionId=j0m1v0iuhiabyhotkjguc2pn - <siteURL> 200 0 0 19206 459 2418
    2016-04-18 19:44:16 W3SVC2 WebServer <siteIP> GET /favicon.ico - 80 x.x.x.146 HTTP/1.1 Mozilla/5.0+(Windows+NT+6.1;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/49.0.2623.110+Safari/537.36 ASP.NET_SessionId=j0m1v0iuhiabyhotkjguc2pn http://<siteURL>/Login.aspx?ReturnUrl=%2f <siteURL> 302 0 0 424 404 31
    2016-04-18 19:44:16 W3SVC2 WebServer <siteIP> GET /Login.aspx ReturnUrl=%2ffavicon.ico 80 x.x.x.146 HTTP/1.1 Mozilla/5.0+(Windows+NT+6.1;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/49.0.2623.110+Safari/537.36 ASP.NET_SessionId=j0m1v0iuhiabyhotkjguc2pn http://<siteURL>/Login.aspx?ReturnUrl=%2f <siteURL> 200 0 0 19217 428 15

    Monday, April 18, 2016 7:51 PM
  • User1278090636 posted

    Hi,

    The 404.3  occurs whenever a connection is attempted using a non-secure protocol (HTTP), but the server only allows Secure Sockets Layer (SSL) HTTPS connections. Please make sure you have a binding for HTTP protocol.

    Chrome saying the site is not private 

    Please find solution to this issue in the following link.

    https://support.google.com/chrome/answer/6098869?hl=en

    Best Regards,

    Jean

    Tuesday, April 19, 2016 6:32 AM
  • User-1122936508 posted

    I'll see what I get in the IIS log and post out later.

    There is no redirect (to HTTPS) happening in your logfile, as per your initial post. At least we have verified the requests are making it to IIS. Can you post your redirect configuration please?

    In the meantime, I discovered in the server event log, there are a lot of warning for

    In Event Viewer, if you open an event, there is a Copy button. Please copy and paste the entire error. That will help with research.

    Additionally, if you can try another browser (e.g. IE) to connect to the site - take note of any warnings, and then post the IIS log file entries, that will also be useful.

    Tuesday, April 19, 2016 12:49 PM
  • User553482002 posted

    Hi Ken,

    After reading the IIS logs, i saw that it didn't hit the 403 layer at all.  Tried everything including iisreset and flusing dns, still didn't work.  I tried to do the redirect differently, without using the 302, and set to require SSL, still didn't work.

    1. I then removed the 403.4 entry completely from Error Page on IIS,
    2. Remove the "required SSL", restart the website,
    3. Closed out the IIS manager.  
    4. Added the 403.4 custom error page with 302 redirect back
    5. it works ...

    I am not sure why it works when I removed and added the entry back in. 

    Tuesday, April 19, 2016 9:18 PM
  • User553482002 posted

    Please make sure you have a binding for HTTP protocol.

    Jean,

    I did bind the website to port 80 and 443 (with installed SSL)

    Tuesday, April 19, 2016 9:19 PM
  • User1278090636 posted

    Hi,

    It seems that your Redirect rule to  HTTPS not working. The method that you posted above is depend on custom error page settings, not the IIS URL Rewrite Module.

    There are several ways to redirect HTTP to HTTPS in IIS, please take following link as reference.

    https://blogs.msdn.microsoft.com/kaushal/2013/05/22/http-to-https-redirects-on-iis-7-x-and-higher/

    Best Regards,

    Jean

    • Marked as answer by Anonymous Tuesday, September 28, 2021 12:00 AM
    Wednesday, April 20, 2016 3:17 AM