Would appreciate help to figure out why HTTPS bindings on IIS are returning a 401 status code while HTTP bindings for the same site work.
The following screenshot shows what happens when you browse to the HTTPS site:
The following screenshot shows the bindings:
The following screenshot shows authentication settings:
The following screenshot shows file permissions:
The following screenshot shows IIS version:
The TLS certificate is from Let's Encrypt but I am getting the same result with the IIS development certificate.
The same problem occurs with static HTML pages and ASP.NET Core application.
HTTP version of the site works but HTTPS returns 401.
Any help would be appreciated.
Edit 1 - additional info:
Failed-Request Tracing feature installed and enabled as shown in the following screenshot but no log file is created when reproducing the problem.
The following is a screenshot from browser developer tools to see what the response looks like. Not sure why NTLM is being used when it is disabled.
Edit 2 - additional info:
I think the response header "Microsoft-HTTPAPI/2.0" suggests that http.sys is responding to the request instead of IIS.