You need to publish a new secure website and to avoid situations where users can't access your site because they do not know the difference between http vs. https nor www.company.com vs. company.com
For this we will need to setup some redirection rules.
There are few ways you can do that via TMG, but it will result in 302 redirects which you want to avoid and instead use 301 response code for redirection (so I've been told by SEO guys).
So our goal is to configure IIS/TMG to redirect the following addresses with response code 301:
First step - configuring IIS applications.
For this to work we will need two IIS applications. One for redirects and another one - the actual application.
For your actual application in IIS assign binding address: https://www.company.com
For redirection application assign bindings for addresses: http://company.com, https://company.com and http://www.company.com
And enable HTTP redirect to https://www.company.com with status code: Permanent (301).
Second step - TMG rules.
We will need two TMG rules with common weblistener.
Enable HTTP connections
Enable SSL (HTTPS) connections
Do not redirect traffic from HTTP to HTTPS
www.company.com (make sure it is above second rule)Bridging tab:
Redirect requests to HTTP
Redirect requests to SSL
Public name: www.company.com
Second rule for company.com (make sure it is below first rule).
Settings are identical to first rule, except for public name you specify domain company.com
should result in https://www.company.com
How to Allow HTTP 301 through ISA Server 2006 - http://blogs.technet.com/b/isablog/archive/2009/03/05/how-to-allow-http-301-through-isa-server-2006.aspx
Test your redirect method - http://www.redirect-checker.org/