My SSL Certificate expired but I can't renew this weekend, is there a way I can disable SSL through MVC by only editing views or web.config?

Perhaps force redirect to HTTP when they request HTTPS through IIS, web.config, a开发者_如何学编程 View edit? I tried removing the SSL port settings under 'Advanced' but it broke the login page. I don't want to do a deploy/recompile right now but I am able to edit the VIEWS. However I am thinking there may be a way for IIS to do this, but then again I think the .NET code tries to force SSL.

And yes, the key is that more support tickets will be caused by the browser giving a security error than if SSL was removed entirely for one day. Becaues they wouldn't very very likely not notice it being gone.

Add a self signed certificate for now. Users will get a warning but at least SSL will mostly work, if they accept the self-signed cert.

If the site has code in it to force ssl and you can't push a new release out, then it sounds like you can't just turn off ssl.

Without knowing much about your site, if you were to disable SSL or make it unavailable, it would break all incoming HTTPS links. Unfortunately, in order to be able to redirect from HTTPS to HTTP, you would have to support SSL coming in, I think. Users may not want to use the site even temporarily if visited under the HTTP scheme as well.

Does the site not work at all with the expired SSL certificate? Or does it work, but with warnings to the end-user?

You may be able to get an SSL certificate right away with a provider such as Instant SSL, etc. My understanding is that they tend to issue them very quickly.

By the time the page request gets to the MVC pipeline, IIS has already determined whether it is running on port 80 or port 443. So no, i dont think you can use MVC views or web.config to redirect/proxy all requests to port 80.

EDIT

What are your web.config settings for authentication

<forms loginUrl="https://xyz/Login.aspx"

Try changing that to

<forms loginUrl="/Login.aspx"