SSL And Security

Fair warning @JoeM1, I've been working through my own issues to https:// forces. Looks like you have your web.confing file correct:

<configuration>
<system.webServer>
<rewrite>
    <rules>
       <rule name="HTTP to HTTPS redirect" stopProcessing="true"> 
         <match url="(.*)" /> 
         <conditions> 
           <add input="{HTTPS}" pattern="off" ignoreCase="true" />
         </conditions> 
         <action type="Redirect" redirectType="Permanent" url="https://{HTTP_HOST}/{R:1}" />
       </rule> 
    </rules>
</rewrite>
</system.webServer>
</configuration>

Looks like you got the exact right advise to me? All I can think is that you should check to make sure you have the proper configuration for the server hosting you are utilizing? You'll find that different server types will have different configurations. Check out Redirect HTTP to HTTPS automatically. I hope that helps? 

Thanks, rd (Roy).  I have verified that I have Economy Hosting and a Windows-Based account.  As such, according to GoDaddy, I should create a web.config file at the root level with the code you show..  (https://www.godaddy.com/help/redirect-my-website-to-https-in-pleskwindows-27873). I did this through the file manager area.  However: when I go to the site thereafter, I receive a "500 internal server error".  Thoughts?  Thanks!

Hi Joe,

I did the same thing as you, but then I got the error "ERR_TOO_MANY_REDIRECTS". Remove the code and everything works as normal.

You have any idea?

Once I make a change to my SSL certificate, configuration or domain I like to give the changes a minute @JoeM1. Can you do me a favor and read though this thread UCC certs aren't what they use to be? I just finished that exercise and it helped me understand a bit. It sounds like you have some wrong configurations in your CNAME? At one point I was getting 500 errors in my configuration.

Thanks yet again, rd !!!  I really appreciate your help.  Well, all I can tell you is this.  I have an Economy, Windows-based site.  So, according to GoDaddy, I should add a "web.config" file to the web root, and I did so using the code they provided to me.  I did this directly through their website and the file manager area.  Whenever I do this, the website stops working and gives me a "500 internal server error".  This time, according to your suggestion, I waited 10 minutes after creating/saving the file, but the error persisted.  As soon as I deleted the file, the website returned to normal.  So, I'm stumped.  I have never had an issue with the site prior to attempting to add the "web.config" file.  I guess I will just ask everyone to bookmark the https version of the site and use that.  Joe

The reason I referred you to that thread @JoeM1 was because it sounds like your configuration would be the same? Basically you should not have to add anything to your web.config file. Just make sure that your www CNAME is set to @ and www.casra.info should go to https://casra.info or https://www.casra.info depending on the kind of certificate you have.

Well, I thank you again, rd @rd !  I tried adding the web.config again, this time with no code whatsoever therein.  Unfortunately I still have the same result as when I add the code provided by GoDaddy, with a "500 Internal Service Error" appearing when accessing either www.casra.info or https://www.casra.info.  This site is set up as "Economy Web Hosting Windows".  I don't know what type of SSL certificate I have (it was purchased directly from GoDaddy), but it does show "GoDaddy SHA-2" for what that's worth.

As far as the DNS and CNAME is concerned, this is what I have showing.  All TTL values are 1 hour except for the A which is 600 seconds.

A             @         45.40.191.217
CNAME   e          email.secureserver.net
CNAME   email   email.secureserver.net
CNAME   ftp       @
CNAME   imap    imap.secureserver.net
CNAME   mail     pop.secureserver.net
CNAME   mobilemail      mobilemail-v01.prod.mesa1.secureserver.net
CNAME   pda                 mobilemail-v01.prod.mesa1.secureserver.net
CNAME   pop      pop.secureserver.net
CNAME   smtp    smtp.secureserver.net
CNAME   webmail          webmail.secureserver.net
CNAME   www     @
CNAME   _domainconnect     _domainconnect.gd.domaincontrol.com

I sincerely appreciate your help.  Regards.

That looks correct to me now @JoeM1. I checked and it works properly. Are you still having an issue?