This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(32, 44%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBS%3C/text%3E%3C/svg%3E)
I'm working with SSRS 2019. I think that I've determined that SSRS doesn't natively support a way to redirect HTTP to HTTPS. The workaround seems to be to remove port 80 from Report Server Configuration Manager and install IIS to handle port 80 traffic with the URL Rewrite module. Please correct me if there's a better way. I'd prefer not to have IIS installed if there's a cleaner way to accomplish a redirect for SSRS.
I'm having a lot of trouble writing a redirect rule. I'd like to both redirect any incoming HTTP requests to HTTPS (which would be handled SSRS) and redirect any traffic to the default site to /Reports. Essentially, I've been trying to combine these two code samples without much success:
<configuration>
<system.webServer>
<rewrite>
<rules>
<rule name="HTTP to HTTPS redirect" stopProcessing="true">
<match url=".*" />
<conditions>
<add input="{HTTPS}" pattern="off" />
</conditions>
<action type="Redirect" url="http://{HTTP_HOST}{REQUEST_URI}" />
</rule>
</rules>
</rewrite>
</system.webServer>
</configuration>
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<rewrite>
<rules>
<rule name="Redirect to /Reports" stopProcessing="true">
<match url="^$" />
<action type="Redirect" url="/Reports" />
</rule>
</rules>
</rewrite>
</system.webServer>
</configuration>
Any and all help is appreciated. Thanx!
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(19.2, 91%, 11%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJP%3C/text%3E%3C/svg%3E)
Do it the easy way and just change one value in your rsreportserver.config file.
<Add Key="SecureConnectionLevel" Value="3"/>
This will force TLS and automatically redirect HTTP to HTTPS.
This comment has been deleted due to a violation of our Code of Conduct. The comment was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(92.8, 5%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBT%3C/text%3E%3C/svg%3E)
This worked perfectly for me. Note: as of SQL 2008r2, just set it to 1. 2 and 3 are values retained for backward compatibility, per MS documentation.
Specifies the degree to which web service calls must use Transport Layer Security (TLS), previously known as Secure Sockets Layer (SSL). This setting is used for both the Report Server web service and the web portal. This value is set when you configure a URL to use HTTP or HTTPS in the Reporting Services Configuration tool. In SQL Server 2008 R2, SecureConnectionLevel is made an on/off switch. For earlier versions than SQL Server 2008 R2, the valid values range from 0 through 3, where 0 is least secure.
In SQL Server 2008 R2 (10.50.x), SecureConnectionLevel is made an on/off switch, default value is 0. For any value greater than or equal to 1 passed through SetSecureConnectionLevel method API, TLS is considered on and the configuration property SecureConnectionLevel is set accordingly in the
rsreportserver.configfile. Values of 2 and 3 are still allowed for backward compatibility.
In my testing, 1 worked perfectly. HTTP://server.com/Reports redirected to HTTPS, and HTTP://server.com/ReportServer brought up and error that clearly states to use HTTPS:
Reporting Services Error
- The operation you are attempting requires a secure connection (HTTPS). (rsSecureConnectionRequired) Get Online Help
SQL Server Reporting Services
This comment has been deleted due to a violation of our Code of Conduct. The comment was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(80, 82%, 17%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBZ%3C/text%3E%3C/svg%3E)
Hi @Bob Singer ,
There are some mistakes in the HTTP to HTTPS redirect rule. I do some change and you can use it.
<rule name="http to https" enabled="false">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="^Off$" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/{R:1}" />
</rule>
Another rule Redirect to /Reports, if it only redirect traffic to main page to /reports, such as http://abc.com to http://abc.com/reports, I think it is no problem and test it work well.
If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
Best regards,
Bruce Zhang
If it is not absolutely needed, I recommend cutting out IIS with SSRS; see Joshua Perry's answer.