I have a site with SSL and am getting some very strange behavior when trying to go from https to http. In its most basic form, the problem is if I redirect from an https page to a different fully-qualified url such as http://domain.com/sample.aspx, the redirect actually goes to https://domain.com/sample.aspx. There is absolutely no code running on the destination page that would be attempting to turn SSL back on. Does anyone have any ideas?

Thanks Much!

9 Years
Discussion Span
Last Post by sknake

The admin of the website must have secured the Web Server so that people could only use https to access it.

When you try to access this website using http, the web browser
automatically adds an "s" after http inorder to establish a connection with the website that u r trying to view.


That's a good thought, but I can hit the site directly with http://. This issue only comes up when you access a page using https and it tries to redirect you to a page using http. I tried substituting the private IP for the domain name on the redirect and it worked. When I put the domain name back in or use the public IP, the issue comes back. This led me to think firewall... but that seems like a long shot since port 80 is open? Any more idea?



Use wireshark to packet sniff the connection. It can reassemble tcp conversations and look for a redirect or meta refresh with https://

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.