I'm implementing a ServiceProvider-initiated SSO for one of our applications (using SAML v2.0 for .Net4, Version 18.104.22.168).
Unfortunately even if I access our web application using https the expanded absolute AssertionConsumerServiceUrl is always a plain http url, which obviously results in the redirection to that unsecure url.
Are there any means to ensure that during expansion of the AssertionConsumerServiceUrl https is preferred over http, if both bindings are configured in the application server?
The interesting part of my saml.config looks like that:
I would be very grateful for any kind of advice.
Grazie mille in anticipo