Search code examples
windowsiisreverse-proxyarr

How to Enable SSL offloading on IIS Reverse Proxy

I have just enabled Reverse Proxy for my NodeJS application on Windows Server by enabling Application Request Routing (ARR) and editing the web.config file by following this article:

https://learn.microsoft.com/en-us/iis/extensions/url-rewrite-module/reverse-proxy-with-url-rewrite-v2-and-application-request-routing

Now, everything is working fine, I am able to access my NodeJS application running on localhost from an external client outside the server. I want to enforce Https connection to this reverse proxy I've just created. How do I achieve this?

Solution

  • IIS URL Rewrite extension could accomplish this task. Please Install the extension.
    https://www.iis.net/downloads/microsoft/url-rewrite
    In order to force HTTP connection to https connection, please add the below Url rules in the webconfig file which can be recognized by IIS.

    <system.webServer>
           <rewrite>
            <rules>
              <rule name="Force SSL (https)" enabled="true" stopProcessing="false">
                <match url="(.*)" ignoreCase="false" />
                <conditions logicalGrouping="MatchAll" trackAllCaptures="false">
                  <add input="{HTTPS}" pattern="off" />
                </conditions>
                <action type="Redirect" url="https://example.com/{REQUEST_URI}" redirectType="Permanent" />
              </rule>
            </rules>
          </rewrite>
    </system.webServer>

    Alternatively, we could manually set up the rule by using the URL Rewrite extension after installation.
    enter image description here
    enter image description here
    enter image description here
    Feel free to let me know if there is anything I can help with.