Redirecting HTTP to HTTPS

(Requires the HTTP/S module in EFT Express) The ASM and ESM allow you to redirect all HTTP connections to HTTPS in the administration interface. If you do not activate the mdoule, this feature is disabled after the 30-day trial expires.

When HTTPS is enabled, EFT will automatically redirect HTTP traffic to HTTPS for logins, forced password changes, and lost username and password functionality. A registry override can be used to prevent this redirect. The redirect check box described below controls both the login page and the connection, but only when HTTPS is enabled. The registry override's main purpose is to control whether the logon portion of the session is redirected to HTTPS when redirect is OFF in the administration interface. (The redirect check box is unavailable when HTTPS is disabled.)

If you have configured HTTPS transfers on the Site, you can redirect HTTP to HTTPS at the Site level. Doing so disables HTTP transfers.

EFT simply tells the connecting client that the resource was moved to the new HTTPS URL. The connecting client decides whether it will allow the redirect, because the new URL could be on a different server.

In general, the redirect process includes the following steps:

  1. Client sends a request to the HTTP port (by default, port 80).

  2. EFT redirects all plain HTTP requests to HTTPS (by default, port 80 to port 433). EFT replies to the client with 302 code (the requested resource resides temporarily under a different URL), and sends the client the new URL where the resource is now located.

  3. The client now knows that the resource is not available at the old URL and knows the new URL. Client decides whether it wants to connect to the new URL and get this resource.

Refer to RFC 2616, section 10, http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html, for more information about redirection on HTTP.

The redirect option also affects incoming AS2 requests through HTTP. If the connecting AS2 client does not allow redirection to a different port, the connection will fail.

If the redirect is not enabled, logins to WTC will still go to HTTPS, but then revert to HTTP after login.

To redirect HTTP to HTTPS

  1. In the administration interface, connect to EFT and click the Server tab.

  2. On the Server tab, click the Site you want to configure.

  3. In the right pane, click the Connections tab.

  4. Select the HTTPS (SSL) check box and configure SSL if not already configured.

  5. Select the Redirect HTTP to HTTPS check box.

  6. Click Apply to save the changes on EFT.

Even if HTTP is enabled for the user or Settings Template, HTTP transfers will be redirected to the HTTPS port (443 by default).

Related Topic