How to configure ssl for whole site with output caching enabled
I ran into a new situation which i haven't thought about before. What if you have a public facing anonymous sharepoint site and you want to add a ssl cert for the whole site + you have output caching enabled with VaryByHeaders set to User-Agent. Most of us would handle this situation by inserting the ssl cert to the extended anonymous iis website.
Situation: Cache flushed, first user hits https://www.contoso.com and then the second user goes to http://www.contoso.com and gets all the links pointing to the https site. This is because IIS + output caching is related to one IIS website at the time (one w3wp.exe process). Here's how to go around this issue.
Extend the website once more and put it with the same host header as the anonymous site but map it to port 800. This is because IIS does not allow two websites with same port & host header (obviously). Then add the
SSL cert to this new website. The picture below describes why.
Port 800 never get hits but the website responds to the https requests.
