Worldpay do not support SNI which causes issues for clients that use SSL without a dedicated IP address on our systems.
To get around this issue it is recommended you use a plain HTTP URL and not a HTTPS one in your callback URL you set with Worldpay. This should be secure as no sensitive card data is called back to your URL.
If you are using force SSL redirects on your site then this will cause you issues as your callback will be forced to redirect which is not allowed by Worldpay. Therefore you need to negate your callback URL from the force SSL rule.
A simple way to do this in your web.config URL rewrites is as follows:
<rewrite>
<rules>
<clear />
<rule name="negateworldpaycallback" stopProcessing="true">
<match url="^api/notifications/payments/worldpay$" />
<action type="None" />
</rule>
<rule name="Redirect to https" stopProcessing="true">
<match url=".*" />
<conditions>
<add input="{HTTPS}" pattern="off" ignoreCase="true" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" redirectType="Permanent" appendQueryString="false" />
</rule>
</rules>
</rewrite>You would replace "^api/notifications/payments/worldpay$" with your matching sub directory or callback route that you use for the callback URL.
Force SSL is now active on everything but your callback URL.
