On my project at work I recently had to deal with securing our IIS 6 website with SSL and forcing that no non-secure requests would be honored.
What I quickly found was that IIS didn’t offer a way to automatically redirect any non-secure requests to a secure version of the same page, or some other page (i.e. http://www.yoursite.com/login.aspx redirect automatically to https://www.yoursite.com/login.aspx).
Luckily after spending a good amount of time Googling I found this post that involves a handy tip that you can use to change the custom error page for error 403;4 (the one displayed when you try to view the non-secure site). I won’t re-state everything from his blog post, but it definitely has everything you need to get around this problem if you’re in the same boat.