Solution: These two steps out of all steps listed below solved my issue.
1. Assign the right in the Local security group too and
2. Grant “Log on as Batch Job” permission to the application pool identity account

- The account used as application pool identity shouldn’t be locked
- Reset the password of the application pool identity account in case it is expired
- Switch from built-in account to domain account for application pool identity
- Use another domain account as application pool identity
- Give “Full Control” to application pool identity account on shared data and configuration folders
- Give “Log on as Batch Job” permission to the application pool identity account
- Add the application pool identity account to IIS_USRS group
- Check account information in applicationHost.config for possible typos
- Recreate application pools, websites, and shared configuration (if used)
- Make sure to use the same encryption provider (IISWASOnlyCngProvider or IISCngProvider) in applicationHost.config
- Change application pool process model from LogonBatch to LogonService
- If it is a shared configuration setup in IIS, use the same IISWASKey

See links for more details
– https://techcommunity.microsoft.com/t5/IIS-Support-Blog/Event-ID-5059-Application-pool-has-been-disabled/ba-p/305274
– https://support.office.com/en-gb/article/change-passwords-for-web-application-pools-f7a944ec-3748-4478-8f53-df5569c965b5

I’m going to highlight only the important steps for HTTPS communication.

• A client contacts the server.
• The client and server exchange information about the communications they intend to perform, such as the ciphers to use (SSL handshake).
• The server transmits its certificate to the client.
  Note: It depends on the protocol used here as the server only can send its certificate etc.
• The client checks that it trusts the certification authority that issued the certificate. If it does not recognize the CA and does not get an override, the communication ends.
• The client checks for revocation information on the certificate. If the certificate is revoked or revocation information is unavailable, then the client might attempt to obtain an override. Implementations vary on how they deal with null or unreachable CRL information, but almost all will refuse to communicate with any entity using a revoked certificate.
• The client generates a portion of a temporary key for symmetric encryption.
• The client uses the server’s public key to encrypt the partial temporary key.
• The client sends the encrypted partial key to the server.
• The server decrypts the partial key using its own private key.
• The server completes the secret key.
• The client and server agree to use the secret key. All communications in the same conversation are encrypted with that key.

Note: It would be possible to use asymmetric encryption for the entire conversation. However, as we talked about earlier, asymmetric encryption results in ciphertext that greatly exceeds the size of the unencrypted source. To solve that problem without exposing a plaintext key, SSL only uses asymmetric encryption while the client and server establish identity and work together to create a symmetric shared key. From that point forward, they only use symmetric encryption. That keeps the size of transmitted data to a minimum. Even better, if an attacker manages to break any point of the transmission besides the initial negotiation, they will only gain a temporary key.

All of that explains why we use suites of ciphers: we need multiple algorithms to make this work.

Firstly,  had to change the default port from 80 to 81. This is needed because https listens on port 80 (You may ignore this step ;).

• Also, I created a record in the host file to redirect traffic from the localhost/loopback address to 127.0.0.1 (This can be done in DNS too but I decided to use the host file)

This can be found in this path C:WindowsSystem32driversetc
So when you enter the IP or hostname, you are automatically redirected to the desired URL. Ensure you open the host file via elevated rights (This is better done by opening or running notepad as an Administrator and opening the path mentioned above. This makes saving any change possible and effortless.

1. 127.0.0.1       mk.chris.com
2. 1x.xx.xx.2     mk.chris.com

Note: To make this possible ensure the SSL setting is unchecked not to require certificate otherwise you will never be able to access it via HTTP.

• Click on the website and
• Navigate to the SSL Settings
• Double click to open and set as shown below

Now create a binding to allow HTTP connection for the website as shown below.

New to ensure the URL redirect works by redirecting to HTTPS, kindly follow these steps as shown below

• Under sites, select the desired website
• Click on URL rewrite (if you do not have this already installed, click on the web Platform Installer, run it and select URL rewrite to install).
• Click on Add Rule (Under Action)

• The Add Rule URL Opens up
• Enter any desired name to identify your rule
• Under the Match URl, enter matches the pattern
• Under “Using”, select Regular expression
• Under Pattern, select (.*)
• Select ignore cases, note: this is selected by default in most cases.

• Navigate to condition and click on “Add” to create a rule
• Set as shown below and click on Okay

• Under Actions “Action type”, select Redirect
  Enter the Redirect URL and the
• Redirect type as “Found (302)”

Finally, click on apply on the top right side of the screen.

What are рrоxу ѕеrvеrs?

Proxy servers are typically simple servers (a computer system or an application) that acts as an intermediary for requests from clients seeking resources from other servers.

Depending on the purpose, you’ll be able to get proxy servers to route any of these common protocols. There are many different types of proxy servers out there. Some of those types are listed below.

Types of proxy servers:

Anonymous Proxy
The anonymous proxy server identifies itself as a proxy server but does not make the original IP address available.An anonymous proxy server is detectable but provides reasonable anonymity for most users.

High Anonymity Proxy
High Anonymity proxy server does not identify itself as a proxy server and does not make available the original IP address.

Reverse Proxy
A Reverse proxy is tech­ni­cally defined as being a proxy server, how­ever it does not enforce any local poli­cies. Reverse proxies are com­monly used to pass requests through the Inter­net, through a fire­wall iso­lated by pri­vate net­works. Reverse Proxy Servers are used to pre­vent Inter­net clients from hav­ing direct, un-mon­i­tored access to sen­si­tive data resid­ing on con­tent on iso­late servers.

Transparent Proxy
A Transparent Proxy Server tells the remote Computer the IP Address of your Computer. This provides no privacy. These are generally used for their ability to cache websites and do not effectively provide any anonymity to those who use them. However, the use of a transparent proxy will get you around simple IP bans.

Distorting Proxy
Distorting proxy server identifies itself as a proxy server, but make an incorrect original IP address available through the HTTP headers.

Intercepting Proxy
An intercepting proxy, also known as a transparent proxy, combines a proxy server with a gateway. Connections made by client browsers through the gateway are redirected through the proxy without client-side configuration. These types of proxies are commonly detectable by examining the HTTP headers on the server side.

Types of proxy servers (protocols):

Socks Proxy Server:
Depending on Socks protocols, a socks proxy server is a newer protocol that allows relaying of far more different types of data, whether TCP or UDP.

FTP Proxy Server:
Depending on FTP protocols, Relays and caches FTP Traffic.

HTTP Proxy Server:
Depending on HTTP protocols.A one-way request to retrieve Web Pages.

SSL Proxy Server:
Depending on SSL protocols, an extension was created to the HTTP Proxy Server which allows relaying of TCP data similar to a Socks Proxy Server. This one is done mainly to allow encryption of Web Page requests.