A while ago, I found it necessary to “automagically” redirect traffic from a standard http webpage to https (which is particularly useful for Outlook Web Access Pages) and I figured out how to do so by using a simple https redirect page…
Basically, how this is done is that you have your page that you want everyone to access via HTTPS, but you don’t want your users to have to type in the “s.”
First, you need to create a redirect page and store it in an easily accessible place on your web server, such as: “c:\inetpub\wwwroot\”
Create a file called something like, “sslredirect.htm”
In it, place this code:
<html>
<title>Redirecting you…</title>
<head></head><script language=”JavaScript”>
<!– begin hidefunction goElseWhere()
{
var oldURL = window.location.hostname + window.location.pathname;
var newURL = “https://” + oldURL;
window.location = newURL;
}
goElseWhere();// end hide –>
</script></html>
Now, you need to go to your IIS manager, and go to properties on the virtual directory that your website runs under (in my case, it was “owa”).
Then, go to the “Custom Errors” tab.
Go down to the “403,4” error, and click edit.
edit it, so that it looks like this: 
Then, click ok and close. Depending on what sites or virtual directories you want this to work on, you’ll have to apply the custom error page on all of them. For example, if you want your main site to re-direct to HTTPS as well as one or more of your virtual directories, you’ll have to change the custom error on all of them. Just be careful not to apply the custom error page on sites or virtual directories that don’t need to be redirected, especially ones that don’t have a certificate assigned to them.
Next, reset IIS by right-clicking the server name in IIS, going to, “All Tasks” and clicking, “Restart IIS.” Then, test your site.
From now on, whenever you type the address to the website using http, it will say, “redirecting you” and automatically place the user on the same site, only with the HTTPS prefix.
Pretty nifty, eh?
Leave a Reply