Error Enabling HTTPS in Sitecore 6

I had to implement a redirect rule to enable HTTPS in a site using Sitecore 6.2.0 (rev. 100507). This is my attempt and also a couple of errors I faced when doing this.

First, I enabled a URL rewrite rule in IIS using the following:

This rule forces a redirection when the request is non-secure (HTTP) to be secure (HTTPS). It is one of many ways you can do this, but this is how I ended up implementing. But then, I got the following error:

4256 23:22:14 ERROR Application error.
Exception: System.NullReferenceException
Message: Object reference not set to an instance of an object.
Source: Sitecore.Nexus
at Sitecore.Nexus.Web.HttpModule.(Object sender, EventArgs e)
at System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)

Solution 1: So, the error I got was displaying after this redirect rule and the only way I could make it work was by changing the application pool type from “Integrated” to “Classic”.

The issue with this option is that it didn’t work completely since if you clicked any link you got a 404 error page.

Solution 2: So, I ended up implementing a function in the Global.asax to make the redirect manually.

protected void Application_BeginRequest(object sender, EventArgs e)
// Validate setting in AppSettings.config to enable or disable this feature
var httpsSetting = string.IsNullOrEmpty(Constants.IsHttpsEnabled) ? "false" : Constants.IsHttpsEnabled;
if (!bool.Parse(httpsSetting)) return;
switch (Request.Url.Scheme)
case "https":
Response.AppendHeader("Strict-Transport-Security", "max-age=31536000");
case "http":
var queryString = string.IsNullOrEmpty(Request.Url.Query) ? string.Empty : Request.Url.Query;
var urlPath = string.IsNullOrEmpty(SitecoreHelper.GetItemUrl(Sitecore.Context.Item)) ? string.Empty : SitecoreHelper.GetItemUrl(Sitecore.Context.Item);
var path = "" + urlPath + queryString;
Response.Status = "301 Moved Permanently";
Response.AddHeader("Location", path);
catch (Exception ex)
Log.Error("Error while redirecting request in Global.asax.", ex);

The code does the following:

  1. Validates if there is a setting to run this function. In case you don’t want to enable in your local environment or you don’t want to use redirection in the site.
  2. Validates if the request is secure using HTTPS. It only appends a header in this case.
  3. Redirects the request getting the domain of the site + url of the item + query string values (if any).

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.