HTTP to HTTPS in IIS – Enable HTTPS in IIS Webserver

1 Star2 Stars3 Stars4 Stars5 Stars (1 votes, average: 4.00 out of 5)
http to https in iis

Here’s the Best Way to Enable HTTPS on IIS Webserver Quickly

Before you start the HTTP to HTTPS redirection process within your IIS server, you’ll need to ensure that the SSL certificate is installed correctly, and for the same, you can use the SSL checker tool. Once the SSL certificate is installed, you’ll need to work on a URL rewrite to redirect your website traffic to your newly installed SSL site.

Steps for Redirecting HTTP to HTTPS on IIS Webserver

  • First, download and install the IIS URL Rewrite Module
  • Open your IIS Manager in the console and select the website you’re looking to redirect
  • Select the URL Rewrite
  • Click on the Add Rules
  • Select Blank Rule and click OK
  • Enter the Name of the rule
  • In the Match URL section, under the Requested URL drop-down menu, select “Matches the Pattern.” In the Match URL part, enter: “(.*)”
  • Within the condition section, select the option Match All under Logical grouping and click Add
  • And, once the next window opens, enter:
    • {HTTPS} as your condition input
    • From the drop-down menu, select “Matches and the Pattern.
    • As the pattern enter ^OFF$
    • Click OK button
  • In the section Action type, click and select Redirect and then provide Redirect URL: https://{HTTP_HOST}/{R:1}
  • Check the option Append Query String check box
  • From the Redirection type drop-down, select Permanent (301)
  • Lastly, click Apply button.

Once you complete the above steps, you’ll require to apply the rule to your website. So, HTTP URLs automatically get redirected to HTTPS. Hence, below are the steps for the same:

Setting IIS HTTP to HTTPS Redirect Rules

  • In the IIS dashboard, right-click on your website name and select the option Explore
  • Once you click on it, the Root Directory will open. From there, select and open the web.config file.
  • Ensure your web.config file contains the below-mentioned code block. If it doesn’t, then add it.
<rule name=”HTTPS force” enabled=”true” stopProcessing=”true”>
<match url=”(.*)” />
<add input=”{HTTPS}” pattern=”^OFF$” />
<action type=”Redirect” url=”https://{HTTP_HOST}/{R:1}” redirectType=”Permanent” />

And, if you still need to configure your web.config file within the root directory, create a new.txt file, place the code mentioned above within it, and save it with the name web.config.


Above mentioned steps are for redirecting IIS server traffic from HTTP to HTTPS. Similarly, it works for IIS servers 5, 6, 7, 8, 8.5, and IIS 10.

COMODO Premium Wildcard SSL at $98.99/yr.

Secure your primary domain and unlimited subdomains with premium 256bit SSL encryption on multiple servers with a single Premium Wildcard SSL.

Janki Mehta

Janki Mehta

Janki Mehta is a Cyber-Security Enthusiast who constantly updates herself with new advancements in the Web/Cyber Security niche. Along with theoretical knowledge, she also implements her practical expertise in day-to-day tasks and helps others to protect themselves from threats.

Buy Cheap Wildcard SSL