I've got a single directory in my ASP.Net website that I need to have SSL Enabled. For all other directories, I don't want SSL Enabled.
Using IIS, I've checked the Require secure channel (SS) and 128-bit encryption checkboxes for the folder I want to require SSL.
Now, when a user types in "http://", for my secure directory, I want to automatically redirect them to "https://". I've tried two approaches, and both have failed.
Approach 1: Change the IIS Custom Errors page for the directory for 403;4 to a URL pointing to : "/Intranet2/SSLRedirect.aspx". The SSLRedirect will point them to the correct site. When I do that, I get "The specified request cannot be executed from current Application Pool" error, even though the url is a part of the website and I only have one app pool for the entire website (not the DefaultAppPool).
Approach 2: Add a web.config in the directory to overide the 403 error code. Looks like this:
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.web>
<customErrors defaultRedirect="../Default.aspx" mode="On">
<error statusCode="403" redirect="../SSLRedirect.aspx" />
</customErrors>
</system.web>
</configuration>
But when I make this change, I always get the default 403.4 defined in IIS.
Any suggestions?