Redirect HTTP to HTTPS with Host Name Site Collections

By using Alternate Access Mapping, its possible to redirect HTTP to HTTPS.
as explained in this thread
http://social.msdn.microsoft.com/Forums/en-US/eaab487a-bc94-4f06-981b-c62711764367/redirect-http-to-https-for-sharepoint-2013
However what if I am using Host name site collections? My understanding is that the AAM will not work then... so how can I sure that 
http://intranet.contoso.com is automatically redirected to https://intranet.contoso.com ?
val it: unit=()

This is not correct. You can't use URL rewrite with Host Named Site Collections in SharePoint. For URL rewrite to work you need to set bindings on web application which overrides Host Named Site Collection bindings in SharePoint (you have to chose either
web application bindings or let SharePoint handle that).
If you want to use URL Rewrite you need to create new Site in IIS7 which will listen on port 80 and rewrite URLs to port 443. This will create small overhead but you can save on resources by leveraging HNSC and have minimal number of web applications on
the server.
----Edit on 1/16/2014-----
I stand corrected. Above statement is NOT CORRECT. You can indeed perform HTTP to HTTPS URL rewrite with Host Named Site Collections (HNSC) quite elegantly. You do not need any additional web applications. In essence you can
build you whole farm with single web app on IIS (well two, since second one would be used for SharePoint services). Below is the example where I created single URL rewrite rule which handles any new host name provided they use same domain name (i.e. xxxxx.domain.com).
I have 20+ HNSCs in single web application and all of them are using URL rewrite.
        <rewrite>
            <rules>
                <rule name="Redirect to HTTPS" stopProcessing="true">
                    <match url="(.*)" />
                    <conditions>
                        <add input="{SERVER_PORT}" pattern="443" negate="true" />
                    </conditions>
                    <action type="Redirect" url="https://{HTTP_HOST}.domain.com/{R:1}" />
                </rule>
            </rules>
        </rewrite>
You need to install URL rewrite plugin and configure binding the following way on your web app in IIS. This will allow rewrite to work and SharePoint will be able to handle hoast header bindings internally.

Similar Messages

  • How can I create a host name site collection when I have a 443 web application already created for App model?

    Hi all,
    I have a 2013 farm set up with the App model
    1 web application for path based site collection using host name
    1 web application with SSL (no host name)
    1 web application for mysite
    My business request is that  I need to migrate SSL enabled 2007 content to this farm and use host name site collections.  I tried to create one more web application for this without any luck (the 443 IIS folder is already used by another web application). 
    I thought I bind the previous 443 web application with another IP address should be fine.  Seems like the IIS site is taken (https://server name:443) so it will not let me create one more.  How can I solve this problem so I can create the web application
    to host those host name site collections?  Any suggestion is greatly appreciated.
    Thanks in advance.
    Sally

    Hi Trevor,
    Thanks again for your quick reply.  I try the option 2 right after your post.  I use my front end server name for public URL (https://WFEName:443) and it fails again.  The error message is:
    The directory C:\inetpub\wwwroot\wss\VirtualDirectories\443 is already being used by another IIS Web Site.  Choose a different root directory for your new Web application.
    After reading more, I saw mix Hosted Name Site collection and Path-based site collection aren't recommended.  Unfortunately I already have Path-based site collection created with App model web application
    (the web application without host name) in my farm.  In my Option 2, that web application without host name is used for App routing.  This takes the root folder 443 which will not allow any other web application to use the same name again. 
    Does that mean we can't create Host Named Site collection in the same farm?  Is there any configuration I need to check?
    Thanks again.
    Sally

  • Migration of SP2010 Foundation Path Based to SP 2013 Enterprise Host name site collections

    Greetz!
    Need some sanity checking here. We have an existing intranet that uses SP 2010 Foundation (all out of the box) using SQL Express. We are standing up a brand new 2013 Farm on new hardware in a new network which will use host name site collections.
    According to
    TechNet this is a supported upgrade path.
    My thought is to do a database attach method from the old farm to the new one to get the product edition upgraded. Then to convert path-based site collections to host-named site collections I would need to follow the method described
    here which is to backup and restore to the hnsc of my choice.
    Something seems off about this though. Can I just attach to the new SQL instance and run the Mount-SPContentDatabase  or is there something about the backup-spsite and restore-spsite commands that does a conversion??
    Thanks!
    Love them all...regardless. - Buddha

    You need to do the Mount-SPContentDatabase to upgrade the schema of the database from 2010 to 2013.  Then you'll need to do the backup and restore to change the sites over to Host Named Site Collections.  Both steps will be required to accomplish
    what you want since you can't backup a 2010 site and restore it to a 2013 farm.
    Paul Stork SharePoint Server MVP<br/> Principal Architect: Blue Chip Consulting Group <br/> Blog: <a href="http://dontpapanic.com/blog">http://dontpapanic.com/blog</a><br/> Twitter: Follow <a href="http://twitter.com/pstork">@pstork</a><br/>
    Please remember to mark your question as &quot;answered&quot; if this solves your problem.

  • Load balancing host named site collection

    I am jumping into the realm of host named site collection. While the learning experience has been good, still there are some questions unanswered. Please bare patience since my questions are long.
    - I have a non host header site on port 80 that has https certificate added to IIS for supporting app store in https mode.
    - I tried to created the host name site collection using https in this default port 80 non host header web application and was greeted with error. Then i extended the web app to different  zone with port 443 . Then created the host header site collection
    with https with web application name for extended 443 one. Creation went in fine.
    - I tired to use IPs on now extended IIS site and bind certificates on that one. The site does not load. I do the same again in the default zone iss site, bind ips on that one and site loads. Now question is even though host header site collection was created
    using extended web application url , why binding had to be done on default zone IIS site?
    - Second test, i changed the authentication mode for extended, no effect on host named site collection but as soon as i changed it in default zone it reflected in host named site collection. I am confused why it needs extended zone url to create the https
    site but every change done in default zone is getting reflected on this host named site collection.
    Now for load balancing , it works fine with IP? But how to load balance these host named site collection using url. I talked with f5 team and they said i need to send some reply query string from each site. Where do i do that? Or is it even needed? 
    Accoring to this link : https://devcentral.f5.com/articles/name-based-virtual-hosting-with-ltm
    . If the site hosts an application, though, the monitor should request a dynamic page on each webserver which forces a transaction with the application to verify its health and returns a specific phrase upon success.
    For application monitoring, the recommended best practice is to create such a script specific to your application, configure the monitor Send string to call that script, and set the Receive string to match that phrase. 
    Has any one done this before? I tired to search for resource regarding this for iis or sharepoint but was not able to get anything.
    Thank you for your patience for reading such a long question. 
    Adit

    first part of question:
    Default Web Appliction in port 80: Creating https host named site collection fails.
    Extend default web application on port 443 : Https hostnamed site collection created when web application name is passed for extended web application on port 443. This means this site collection is associated with this extended web application correct? But
    all the changes made in IIS only reflect if it is made to port 80 web application. Also changing authentication scheme from Central Admin, only changes on default zone reflects on site collection not the one in extended web application? Why  if the site
    was only created on extended web application paremeter, changes on default are reflecting on it but not from extended.
    Second part of question:
    Each Hostnamed site collection when load balanced thorough f5 using IP for 3 WFE uses 3 IPs for each. This way we will run out of IPs pretty soon. I want to know if there is way to load balance these sites using Hostname or anyother paramenter through f5
    and if any body has done it? 
    https://devcentral.f5.com/articles/name-based-virtual-hosting-with-ltm link talks about sending reply string
    from application but i do not know where to set it up or how to do it? No resources in the net. Just asking if any one else has done it. 
    Adit

  • Having thousands of Host-Named Site Collections - which authentication type?

    So Microsoft seems to state the claims + Host-Named Site Collection (HNSC) approach is the way to go forward.
    Assuming we have thousands of site collections, and we don't want to go with good ol' NTLM authentication as our claim authentication type, then how should we authenticate?
    Both Kerberos and SAML would be a nightmare to manage, since for Kerberos we need to register a Service Principal Name (SPN) per HNSC. For SAML we would end up in a similar situation, since this would require us to configure a relying party
    + realm for every HNSC.

    Please see the documentation on using managed paths with host named site collections.
    http://technet.microsoft.com/en-us/library/cc288637(v=office.14).aspx#section5
    You would be very unlikely to have thousands of individual host names, I would never recommend such an architecture to a customer.  Instead, you are much more likely to use managed paths (/sites/, /personal/, etc) in combination with host names, significantly
    reducing the number of individual host names while still allowing you to easily scale to thousands of site collections.
    In Office 365, each tenant is provisioned with 3 top-level host names (<tenant>.sharepoint.com, <tenant>-public.sharepoint.com, and <tenant>-my.sharepoint.com), all subsequent site collections are provisioned using managed paths.
    Note that this is not really a question particular to HNSC.  If you decide to not use host-named site collections but want to use individual host names using web applications, you get far less.  According to our Software Boundaries and
    Limits document, you get maximum 20 web applications per farm with a maximum 5 AAMs per web application, yielding a maximum 100 individual host names. 
    http://technet.microsoft.com/en-us/library/cc262787.aspx
    While you can achieve more host names using HNSC, I would strongly discourage this design and instead seek to leverage managed paths. 
    Kirk Evans
    Architect, Azure Modern Apps Center of Excellence
    Microsoft Corporation
    Microsoft Certified Master, SharePoint 2010
    http://blogs.msdn.com/kaevans

  • How can I create a new Host Url Site Collection in SharePoint 2013?

    Hi,
    This may sound really daft, but someone is trying to create a new Team Site Host Url Site Collection. We have the one Web Application at
    http://main and all site collections sit underneath. When we try and create a new Site Collection we have URL set as
    http://main/sites.  Our new site should be
    http://newsite. I tried to remove root and sites from http://main managed paths and you can't do it.
    Is it just me, but do you have to create a web application. Create Site collection for that web application and then move to under
    http://main like a SharePoint 2010 migration?
    Help Appreciated.
    John. 

    In that scenario, you would need to create a new Web Application, yes. There is another function called Host-named Site Collections which would get you what you want, but it takes a bit of work:
    https://technet.microsoft.com/en-us/library/cc424952.aspx
    http://blogs.msdn.com/b/russmax/archive/2013/10/31/guide-to-sharepoint-2013-host-name-site-collections.aspx
    Trevor Seward
    Follow or contact me at...
    &nbsp&nbsp
    This post is my own opinion and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.

  • AAM for Host named site collection

    I have non-host header web application at port 80:http://wwwserver 
    It is AAM to https://wwwserver in same zone.
    Now when i create host named site collection using http it works fine
    New-SPSite http://hostheader.site.com/ -OwnerAlias domain\username -HostHeaderWebApplication http://wwwserver -Template "STS#0"
    But when i do 
    New-SPSite https://hostheader.site.com/ -OwnerAlias domain\username -HostHeaderWebApplication https ://wwwserver -Template "STS#0" i get error Warning: The port specified for the new host header site does not match any known bindings in the specified
    web appplication . The new site will not be accessible if the web application is not extended to an IIS web site serving this port.
    Now when i try to extend web application on port 443 it says it is already used by sharepoint. I do not want to screw aam since all my app store urls are configured through https://wwwserver. Any way to achieve https in host named site collection?
    sachin
    sachin

    Hi Sachin,
    Powershell New-SPSite is specifically looking for a web application that responds to
    http://www, not http://www. I don't think AAM applies for web applications, only for the URLs that the web application responds too.
    Information on configuring HNSC and SSL in this blog as well:
    http://blogs.msdn.com/b/russmax/archive/2013/10/31/guide-to-sharepoint-2013-host-name-site-collections.aspx
    Regards,
    Gavin McKay

  • Content Search Web Part over HTTPS for a Host Named Site Collection

    Hello
    I have a host named site collection http://media.contoso.com which is a media portal that stores videos and pictures. On my parent site collection http://site.contoso.com homepage I have a Content Search Web Part that displays videos from the media portal.
    Both sites work over https.
    When I edit the content search web part and enter the URL http://media.contoso.com in the 'Change Query' box, search returns the results as expected but when I enter the URL as
    https://media.contoso.com no results are returned.
    I have removed the binding in IIS to point to http://media.contoso.com.
    I need it to be https so that I don't see "HTTPS security is compromised by http://media.contoso.com" on my site collection homepage.
    Any idea why this is happening?
    Thanks
    Yoshi

    http://technet.microsoft.com/en-us/library/ee792873%28v=office.15%29.aspx
    In the Search SSL Settings dialog box, do one of the following:
    If you do not want the crawler to crawl a site when there is an SSL certificate warning, make sure that the
    Ignore SSL certificate name warnings check box is cleared. For security reasons, the check box is cleared by default.
    If you want the crawler to crawl a site even if there is an SSL certificate warning, make sure that the
    Ignore SSL certificate name warnings check box is selected.
    If this helped you resolve your issue, please mark it Answered. You can reach me through http://freeit-support.com/

  • FTP Issue with Host name

    Hi All,
       When i tried to send the file to other FTP server with host name i am getting below error.
      Error when getting an FTP connection from connection pool: com.sap.aii.af.lib.util.concurrent.ResourcePoolException: Unable to create new pooled 
       resource: UnknownHostException: ftp.kms.telnet.vector.com.
    But i am able to send the file successfully using IP address.
    Can anyone pls suggest if any additional settings needs to be done in file adapter.
    Or any other setting needs to be taken care.
    Please advise.
    Thannks,
    Swetha

    Hi,
    Basis people are not aware of adding in host file, for that reason i am asking input here.
    My XI ssytem runs on OS level i.e on AS400.
    Basis team tried to reach host file by mapping into server, but they are unable to find host file. Do i need to ask OS level expert to add entry in host file.
    For my knowledge, can you pleae give me the path of host file at OS level if you have any idea.
    Please advise
    Thanks,
    Swetha

  • Robots.txt and Host Named Site Collections (SEO)

    When attempting to exclude ALL SharePoint Sites from external indexing, when you have multiple web apps and multiple Host Named Site Collections, should I add the robots.txt file to the root of each web app, as well as each hnsc? I assume so, but, thought
    I would check with the gurus...
    - Rick

    I think, one for each site collection as each site collection has different name and treated as web site.
    "he location of robots.txt is very important  It must be in the main directory because otherwise user agents (search engines) will not be able to find it.  Search engines look first in the main directory (i.e.http://www.sitename.com/robots.txt)
    and if they don’t find it there, they simply assume that this site does not have a robots.txt file"
    http://www.slideshare.net/ahmedmadany/block-searchenginesfromindexingyourshare-pointsite
    Please remember to mark your question as answered &Vote helpful,if this solves/helps your problem. ****************************************************************************************** Thanks -WS MCITP(SharePoint 2010, 2013) Blog: http://wscheema.com/blog

  • Help needed on Host Named Site Collection creation --- please help

    Hi Friends,
    Question 1
    Can we create Host Named Site Collection following the pattern below?
    We will have three Department head Host Named Site Collections, names –
    HRHead.ourdomain.com
    MarkettingHead.ourdomain.com
    AdminHead.ourdomain.com
    Under each of these department head sites, there will be 3 or 4 Host Named Site Collections. The site structure will be like:
    HRHead.ourdomain.com

    HR1.ourdomain.com

    HR2.ourdomain.com

    HR3.ourdomain.com
    MarkettingHead.ourdomain.com

    MarkettingProduct1.ourdomain.com

    MarkettingProduct2.ourdomain.com
    AdminHead.ourdomain.com

    AdminCountry1.ourdomain.com

    AdminCountry2.ourdomain.com

    AdminCountry3.ourdomain.com
    Question 2
    If we want to use common template (like header, footer, company icons) for inner sites (e.g. AdminCountry1.ourdomain.com, AdminCountry2.ourdomain.com, AdminCountry3.ourdomain.com) how to create that template for Host Named Site Collection? If these were
    sub sites, we can take help of site templates. But these are Host Named Site Collections, how to use common design for Host Named Site Collection?
    Any hint from you will be really helpful. Thanks for your comments.

    Yes you should be able to create a site collection using a custom template.  Here's a BLOG on how to create a site collection with a custom template in 2010.  It should still work the same way.
    http://www.toddklindt.com/blog/Lists/Posts/Post.aspx?ID=218
    Paul Stork SharePoint Server MVP
    Principal Architect: Blue Chip Consulting Group
    Blog: http://dontpapanic.com/blog
    Twitter: Follow @pstork
    Please remember to mark your question as "answered" if this solves your problem.

  • Error Accessing Host Named Site Collections In SharePoint Foundation 2013

    We have a new SharePoint Foundation 2013 server that has one web application two host named site collections. We get the "This page can't be displayed" message when we try to navigate to either of the site collections. Adding the server's IP to
    the host file on the machine we are testing from doesn't help. We can ping the new sites from that machine. The web application does not have a host header.
    Web application URL = http://servername
    Site collection #1 URL = http://customer.company.com
    Site collection #2 URL = http://vendor.company.com

    Hi,
    I recommend to verify the things below:
    Check if site can be accessed with site collection administrator.
    Add the SharePoint sites to a trusted zone to see if the issue still occurs.
    As this issue can be caused by many reasons, you may check the ULS log for more detailed errors.
    For SharePoint 2013, by default, ULS log is at C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\15\LOGS.
    Best regards.
    Thanks
    Victoria Xia
    TechNet Community Support

  • Managed path for host named site collection is farm level or web application level?

    Hi,
    I would like to get advice.
    I created a webapplication for host named site collections.
    these are my host named site collections (except http://sp2013) under my webapplication
    Root Site Collection: http://sp2013
    Site Collection: portal1.sg
    Site Collection: portal1.sg/research
    Site Collection: portal1.sg/intranet
    research and intranet managed paths are farm level
    all my host named site collection will be accessed by http and https except "intranet" site collection will be only accessed by https
    so I changed the Intranet zone for site collection using Set-SPSiteUrl
    Set-SPSiteUrl (Get-SPSite "http://portal1.sg") -Url "https://portal1.sg" -Zone Intranet
    Set-SPSiteUrl (Get-SPSite "http://portal1.sg/research") -Url "https://portal1.sg" -Zone Intranet
    Set-SPSiteUrl (Get-SPSite "http://portal1.sg/intranet") -Url "https://portal1.sg/intranet" -Zone Intranet
    Now I need to create "search" site collection for "Enterprice Search Center"
    My question is that for the "search" managed path ... should i use farm level or web application level?
    "search" site collection will be will be accessed with both http and https also.
    Thanks a lot!

    managed path for HNSC is farm level and u can have 20 managed path
    while managed path for path based is 20 per web application in your case if you are going to have a a separate web application for search then u will use web app
    Kind Regards,
    John Naguib
    Technical Consultant/Architect
    MCITP, MCPD, MCTS, MCT, TOGAF 9 Foundation
    Please remember to mark your question as answered if this solves your problem

  • Moving host header site collections to a different URL

    Background:
    We have a SharePoint 2010 farm with a single web app.  Within this web app, we have over 40 site collections.  Unfortunately when they were created, they were all put under their own explicit managed path.  So now we have over 40 managed paths
    and the recommended number of managed paths is 20.  We are planning to create wildcard managed paths and move site collections from
    https://servername/sitename to
    https://servername/U/sitename to reduce the number of managed paths. 
    The implications of this are clear for site collections that are not host header site collections.  Site collection admins will have to adjust any URLs that refer to items in the site collection.  It is less clear for host header site collections. 
    From the user's point of view, the host header URL itself will not change.
    1.  Will internal links in the host header site collections need to be adjusted like in regular site collections?
    2.  Will the e-mail address of e-mail enabled lists and libraries change?
    I would be grateful if anybody has an answer to this.
    Sheila

    If you moved http://sitename.webapplication.domain.com (ie. a host named site collection) to http://webapplication.domain.com/managedPath/sitename then it would obviously have a different URL.
    That is not what you were describing in your first post, the terminiology is a little specific and I think you're getting it a bit wrong. A web application (often) has a host header, that will not change moving a site from an explicit path to a wilcard path.
    A host named site collection is very different and more complicated
    If you are planing on converting
    http://webapplication.domain.com/site1
    http://webapplication.domain.com/site2
    http://webapplication.domain.com/site3
    to
    http://webapplication.domain.com/sites/site1
    http://webapplication.domain.com/sites/site2
    http://webapplication.domain.com/sites/site3
    Then you are not using Host Named (or host header) Site Collections, those are bog standard managed path site collection addresses.
    Now to answer your question: for users to access the sites after the move they must use the /sites/siteX version, if they use an old link then it will not work.
    There is a trick in SharePoint that will keep links that exist within the site collection consistent so that some URLs will be maintained. This is called a relative URL and means that URLs that are within the same Site Collection will automatically work
    with the new URLs.

  • Open list form across host header site collections via Modal Dialog window

    Hello,  I have a web application that has two host header site collections in it.  When a user is on Host Header A, I need to open a list's display form that's located on Host Header B.  I'm using the JS function  SP.UI.ModalDialog.showModalDialog(options)
    to open a dialog window to the host header B list's display form.  It loads and shows all the columns, but there are a couple issues.
    1) The scroll bar on the dialog window is not active (can't scroll up or down to see all the columns).  This is an issue on all browsers (IE 8 &9, Chrome, FF)
    2) In IE, the SP ribbon does not display.  In Chrome and FF the ribbon does display and the buttons work fine.
    There's no errors in the ULS logs, and if I use IE8, there's a JavaScript "Access Denied" error.  I've confirmed the user account has permissions on both sites & list.
    My first thought had to do with anonymous access being turned on at the web application level (not the site level) and the credentials not being passed to the new site collection.  But this isn't the case because in Chrome, the ribbon shows and the
    buttons are security trimmed correctly based on the users permissions.  So I know the credentials are getting passed through the dialog window.  And when I use the "Edit' button on the ribbon in chrome, it opens a new dialog window and everything
    works correctly (Scroll bar and ribbon).
    Has anybody been able to successfully open a list form across two separate host header site collections?

    I ended up getting around the cross site collection in the modal window issue by using a custom ASPX page that works as a redirect using JS.  
    The link the end user clicks pops open the aspx page in a dialog window.  I then pull the URL of the list item I want to open from the URL and have JS open that form in the modal window.  The key seems to be to open the redirect aspx page under
    the same site collection as the list item you want to view.
    Here's the JS that's in the aspx page.
    <script type="text/javascript">
    // We name the current dialog windown
    window.name = "newSiteWindow";
    // wait until we know the the JS lib is loaded
    ExecuteOrDelayUntilScriptLoaded(loadNewSite, "sp.js");
    function loadNewSite() {
    //grab the list item URL from the URL of the dialog window using a pre created function
    newURL = GetUrlParmByName("listItem");
    //append our dlg query to the end so everything displays correctly. If you do not use IsDlg=0, the ribbon does not display and the window will not scroll.
    newURL = newURL + "&IsDlg=0";
    //use the current window to open the list item we want to go to.
    window.open(newURL, "newSiteWindow");
    </script>

Maybe you are looking for

  • Time Capsule can't function as backup drive?

    My main work computer's logic board fried yesterday. (Under AppleCare, so shouldn't be the end of the world, just a pain). I have it set for continuous hourly backups to a 1TB Time Capsule. So I should have all my files accessible. I'm working on ano

  • Credit card charged

    I have credit on my account from a recently redeemed gift card but my credit card was still charged even though there was more than enough credit on my account to cover the purchase.  Is it possible to get refunded and have the credits on my account

  • New to instrument control: attempting control of E5062A with GPIB cable and C program

    Hey everyone! I'm lost as where to start controlling an instrument we have in the lab. I'll give you my setup: It is a VNA, agilent/keysight E5062A. Controller is a desktop server running RHEL 5. I have a GPIB Cable. Program needs to be written into

  • Reading pdf files while generating them.

    Hi forum, I've got a database process that invokes many times the report servlet (using UTL_HTTP), in order to generate pdf files that will be stored in a directory accessible from database (appears in all_directories table). At the same time, anothe

  • Non production usage of the MCOS deployment

    Hi everyone, As we all know, it's time for HANA SPS09. So recently I have read a lot about MDC(multitenant database containers). And I learn that by comparing to other architectures.(include SCOS, MCOD, MCOS). However, when referring to MCOS, multipl