Suppose you have a SharePoint server set up, with one web application that runs in an IIS virtual on port 80, and the exension of that web app running in a virtual on port 443 for SSL. This allows one IP address to access a site collection using SSL, and a different IP address for non-SSL.

You can set up DNS to have a wildcard that points to non-SSL, and then explicit entries to redirect certain sites to the SSL virtual, like so:
zone: wss.ul02.local

First goal:
When the users enter a site that is protected by SSL, but they use a non-SSL protocol, we want to redirect automatically.

Solution to the first goal:
RewriteCond %{SERVER_PORT} ^80$
RewriteRule ^/(.*)$ https://%{SERVER_NAME}/$1 [R=301,I]

This says: if you arrive at this site using port 80, I'm going to redirect you (R=301) to https and port 443.

Ok, next goal. With WSS (Windows SharePoint Services) Search, the indexer is configured on the web application level, which means the protocol in the URL (http vs https) is important.

Suppose a user enters http://teamsite.wss.ul02.local. The redirect rule from above sends the browser to https://teamsite.wss.ul02.local, and loads the page. Then suppose a user enters a search in the form and clicks the button, SharePoint grabs the browser URL string, which in this case is https..., and sends that to the search server for results. Like so:


Because the search index uses http, all search requests coming from the https pages return zero results. Using SSL breaks search.

To fix this, rewrite the URL before SharePoint sees it so that is looks like this:


This can be done with this rule:
RewriteCond %{SERVER_PORT} ^443$
RewriteCond %{QUERY_STRING} ^((.*&)?u=http)s(.+)$
RewriteRule ^/(.*)$ /_layouts/searchresults.aspx?%1%3 [L]

The results are all links to the non-SSL site, but this doesn't matter because it is already fixed with the redirect from before, so you click a link in the results to get to an item, and the redirect keeps you on the SSL site.

Here is the full INI file :
RewriteLog  C:\temp\iirfLog.out
RewriteLogLevel 1
RewriteFilterPriority HIGH
RewriteCond %{SERVER_PORT} ^443$
RewriteCond %{QUERY_STRING} ^((.*&)?u=http)s(.+)$
RewriteRule ^/(.*)$ /_layouts/searchresults.aspx?%1%3 [L]
RewriteCond %{SERVER_PORT} ^80$
RewriteRule ^/(.*)$ https://%{SERVER_NAME}/$1 [R=301,I]

Last edited Jun 12, 2008 at 5:32 PM by Cheeso, version 1


jcsernik Jun 12, 2008 at 7:36 PM 
I used this and it works perfectly. Thanks Cheeso!