Why doesn't this load into https?

Question

In asp.net mvc 3 I have a site which has an ssl certificate, and runs just fine in https. The only page exposed is the logon page. For whatever reason, it does not load in https. Here is my relevant code (will post more on request if I left something out).

web.config

<compilation debug="false" targetFramework="4.0">
<authentication mode="Forms">
    <forms loginUrl="~/Account/LogOn" timeout="2880"  requireSSL="true"/>
</authentication>

global.asax

public static void RegisterRoutes(RouteCollection routes)
{
 routes.IgnoreRoute("{resource}.axd/{*pathInfo}");
 routes.MapRoute(
  "Default", // Route name
  "{controller}/{action}/{id}", // URL with parameters
  new { controller = "Account", action = "LogOn", id = UrlParameter.Optional }
 );
}

account controller

#if !DEBUG
    [RequireHttps]
#endif
public class AccountController : Controller
{
 public ActionResult LogOn()
    {
        return View();
    }
}

When the logon view loads, it is not in Https. What did I miss?

Answer 1

You need to set the Build Target to Release when you build your site. You will see a dropdown that looks like this in Visual Studio, change it to Release and rebuild, then publish your site:

Answer 2

You need to add [RequireHttps], so it would look like this:

[RequireHttps]
public ActionResult LogOn()
{
    return View();
}

This will force it to use Https.

Edit

Perhaps you need to add, the following to your Web.Config's <system.webServer> section:

<rewrite>
  <rules>
    <rule name="Secure Account Controller" enabled="true" stopProcessing="true">
      <match url="^account" ignoreCase="true" />
      <conditions logicalGrouping="MatchAll" trackAllCaptures="true">
        <add input="{HTTPS}" pattern="off" />
        <add input="{HTTP_HOST}" pattern="([^/:]*?):[^/]*?" />
      </conditions>
      <action type="Redirect" url="https://{C:1}:44300{URL}" />
    </rule>
  </rules>
</rewrite>