Is it possible to have my website require SSL if it is using Windows Authentication?
So far, I'm not having luck with it.
Is it possible to have my website require SSL if it is using Windows Authentication?
So far, I'm not having luck with it.
If you are always using Windows Authentication and always using SSL then the following should fit the scenario. 1. Rurn off all other forms of authentication in IIS. 2. Setup a redirect site in IIS to redirect all HTTP traffic to the HTTPS site (on the same server).
This forces all HTTP traffic over to SSL and only allows for Windows authentication.
Note this may behave strangely for non-IIS browsers due to how Windows Authentication works.