Hello all- Using ISA 2006 Standard. We have an Apache server on our network. We are using the Apache server to add a forced redirect from HTTP to HTTPS for some pages on one of the sites served by that server. If your browser is on our network, this works fine. Apache replies with a 302 status, and a location header that includes https://site.domain.tld/file just like it should. However, if your browser is outside our network the reply seems to have been edited so that the location header now reads http://site.domain.tld/file (note the lost 's'). This causes the browser to enter a redirect loop where it tries the unsecured page repeatedly, and then fails. Since the only difference is that the request is going through our ISA server when we're outside the network, it seems like the ISA server is responsible for the problem. I'm not even sure how to set the monitoring filter on the ISA server, though, to show me what's going on. To complicate matters a bit, I don't know how to get the internally-generated certificate off the Apache server and into the ISA server. So I published it using the "Publish Non-Web Server Protocols" wizard. It was working fine until we started using the Apache server to redirect HTTP requests to HTTPS. Is there a way to prevent our ISA server from doing whatever it's doing that seems to be updating this response header? Or is there a better approach? (Like, maybe getting the cert off the Apache server and into the ISA server so we can publish the site like a normal web site?) Thanks, Rob -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Rob Moore Network Manager 215-241-7870 Help Desk: 800-500-AFSC