In reality you can not have IIS change from http to https for a specific folder automatically because it is really a client issue.
One method which does work and may be an viable option is to change the IIS custom error page for the error 403.4
The default message is shown below:
What we can do is instead of providing this error message we could issue a redirect to allow the client to redirect to the secure page.
Add the following code to an asp page; name the ASP page JumpSSL.asp and save in the root folder of your web site (it must be within the web site because we need to point the custom error to it as a URL)
<% If Request.ServerVariables("SERVER_PORT")=80 Then Dim strSecureURL strSecureURL = strSecureURL & Request.ServerVariables("QUERY_STRING") strSecureURL = Replace(strSecureURL, "http", "https") strSecureURL = Replace(strSecureURL, "403;", "") strSecureURL = Replace(strSecureURL, ":80", "") Response.Redirect strSecureURL End If %>
You now need to configure the directory to require SSL, right click the directory for the web site you are configuring and select properties.
Select the Directory Security tab and click the Edit button (This button is only enabled is SSL already configured for the site)
Select the SSL options that you require for the virtual directory; at a minimum click the Require Secure Channel (SSL)
Click OK to close the Secure Communications dialog
Now select the Custom Errors tab and then select the 403.4 HTTP error code and then click the Edit Properties button
Make the following changes:
- Set Message Type to URL
- Set URL to /JUMPSSL.ASP (or whatever file you created)
Click on OK to close the Error Mapping Properties Dialog
Click on OK to save all the changes to the web site.
Limitations of the custom error redirection.
- No form data is preserved during the redirection
- No query string parameters are preserved during the redirection
- In IE 5 the URL in the address bar displays http:// instead of https:// but the page is secure; IE 5 shows the lock icon at the bottom of the browser window.