IIS + LetsEncrypt + Redirect http to https
[*]下載win-acme,解壓執行letsencrypt.exe
N: Create new certificate => 1: Single binding of an IIS site => 選擇要產生SSL憑證的site,接著就會幫你設好SSL憑證,並排程自動更新SSL憑證
[*]下載並安裝URL Rewrite 2.0
[*]在site的主目錄下修改或新增web.config檔
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<rewrite>
<rules>
<rule name="Allow LetsEncrypt" patternSyntax="Wildcard" stopProcessing="true">
<match url=".well-known/*" />
<action type="None" />
</rule>
<rule name="Redirect HTTP to HTTPS" patternSyntax="Wildcard" stopProcessing="true">
<match url="*" ignoreCase="false" />
<conditions>
<add input="{HTTPS}" pattern="off" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" />
</rule>
</rules>
</rewrite>
</system.webServer>
</configuration>
[*]重啟IIS
Reference:
https://blog.tedd.no/2017/05/09/iis-redirect-http-to-https-but-allow-lets-encrypt/
https://weblog.west-wind.com/posts/2016/Feb/22/Using-Lets-Encrypt-with-IIS-on-Windows
頁:
[1]