The application  is Windows Forms smart client using Windows version of Report Viewer control to display reports. Reports are configured to not use SSL and  are accessed using Custom Authentication using the URL http://myserver.com/reportserver (note it is not over SSL).

However there is a proxy server before the reports web server which redirects the URL to https://myserver.com/reportserver.

When I use browser and provide the URL http://myserver.com/reportserver, I see that it is automatically redirected to https://myserver.com/reportserver. I can see the list of reports and run them.

If I access the reports through the windows forms application, I get the error as follows

<v:shapetype coordsize="21600,21600" filled="f" id="_x0000_t75" o:preferrelative="t" o:spt="75" path="m@4@5l@4@11@9@11@9@5xe" stroked="f"><v:stroke joinstyle="miter"><v:formulas><v:f eqn="if lineDrawn pixelLineWidth 0"> </v:f></v:formulas></v:stroke></v:shapetype>

Any help to solve this would be appreciated. <v:shapetype coordsize="21600,21600" filled="f" id="_x0000_t75" o:preferrelative="t" o:spt="75" path="m@4@5l@4@11@9@11@9@5xe" stroked="f"><v:stroke joinstyle="miter"><v:formulas><v:f eqn="if lineDrawn pixelLineWidth 0"></v:f></v:formulas></v:stroke></v:shapetype>

Hi biprisim,

This is issue is with the redirection. When you call the operation of the service you use HTTP POST but redirection results in HTTP GET to the new destination address. This is how HTTP protocol behaves. Can you post your generated url ?

The generated URL for redirection is same as original except the protocol, which changed from http to https, as I said in my example. ( http://myserver.com/reportserver to https://myserver.com/reportserver)

I cannot post the "real" URL due to my client's security policy.

Hi biprism,

Thank you for your question. 

I am trying to involve someone more familiar with this topic for a further look at this issue. Sometime delay might be expected from the job transferring. Your patience is greatly appreciated. 

Thank you for your understanding and support.

Best regards,
Qiuyun Yu

Hi Biprisim,

Is it a designed behavior that the connections will be directed from HTTP to HTTPS in your client's company?

Please check with the people who maintain the web services, and see if they can make an exception so that the connection to the Reporting Services won't be redirect to the HTTPS protocol.

Yes, this is because of their security policy which dictates no SSL certificate is installed on the web server directly. All SSLs will be proxy server.

Because no SSL certificate was installed on Web server, RS was configured without SSL, on top of this it was configured to use custom authentication.

We are asking them to install SSL Certificate on Web server, which I believe will take care of the problem.

I just wanted to check if there is any configuration settings that we can do to make it happen.

It sounds like had our application been a web application, it would have worked what they wanted, because browser automatically redirects to the response URL, correct?

• Edited by biprism 10 hours 16 minutes ago

Yes, this is because of their security policy which dictates no SSL certificate is installed on the web server directly. All SSLs will be proxy server.

Because no SSL certificate was installed on Web server, RS was configured without SSL, on top of this it was configured to use custom authentication.

We are asking them to install SSL Certificate on Web server, which I believe will take care of the problem.

I just wanted to check if there is any configuration settings that we can do to make it happen.

It sounds like had our application been a web application, it would have worked what they wanted, because browser automatically redirects to the response URL, correct?

• Edited by biprism Friday, August 07, 2015 8:51 PM

Yes, there are configuration settings to make it happen, but as I mentioned you should ask the network team to make the change.

I don't know how the redirection is implanted in your environment, you can just provide the URL of the Reporting Services to the network team guys, and let them add it to the exception list, so they won't be redirected to the HTTPS.

There is nothing to do with the Reporting Services, because the redirection happens before it reaches Reporting Services.

Here is an example of adding exceptions when redirect HTTP to HTTPS. (But your implantation might be different, but the idea is same)

https://kojiroh.wordpress.com/2011/11/23/how-to-redirect-http-to-https-with-exception/