I've installed an SSL Cert, and enabled it via web.config.
It works well, but I've encountered an issue/bug?
I clicked on my shopping cart so I could see the ssl cert in action.
Then, I wanted to continue browsing the site, so I clicked on the store logo, and it tried to take me to:
https://www.mysite.com/default.aspx
This of course, lead to the "this page contains secure, and non secure items" popup. We don't like that. I hovered over the top menu, and all other side links, and see they also have the "https", even when they would be going back to normal, "non-secured" content like the main page.
Any way around this? We can't have warnings popping up like that.
*** NEW INFO:
I notice, that when on an ssl secured page like shoppingcart.aspx, when I click on SOME top menu links they successfully go back to being non-secured. For example:
/boards/default.aspx /search.aspx
I hover over them, and they say "https://www.mysite.com/search.aspx" but when I click and go to them, the https is gone. Excellent!
I thought I'd check the nopCommerce.com site, to see how the https was handled, on shoppingcart.aspx etc, but it doesn't seem to have ssl enabled.
SO, I guess I need to know how certain pages lose the ssl, because I need ALL pages to lose ssl, except shopping cart, checkout, register, the whole administration section, and any others that need to stay secured.
Thanks for the comment. One thing I noticed, is that even when "IN" ssl, it's true - if I clicked the "home" logo, it tried to go to https://www.mysite.com/default.aspx and I got that error.
It seems that the top menu links which go to default.aspx, and contactus.aspx are the ones which thow this error. All the other ones, including even sidemenu links change the url back to http as expected.
I guess I need to find out what is unique about default.aspx and contactus.aspx that makes them not "rewrite" the url back to http.
Doing asp.net (vb) for 5 years, however new to nop though, so it's proving to be a learning process.
I am using nop version 1.3 In that version, we have if (!Page.IsPostBack) CommonHelper.EnsureNonSSL();
CommonHelper.EnsureNonSSL() :: This function automatic redirect https to http. So when you put this function in default.aspx and you come on home page with https then above function will redirect it to http. So use that function in pages where you dont want https and use CommonHelper.EnsureSSL() where you want https.
I am using nop version 1.3 In that version, we have if (!Page.IsPostBack) CommonHelper.EnsureNonSSL();
CommonHelper.EnsureNonSSL() :: This function automatic redirect https to http. So when you put this function in default.aspx and you come on home page with https then above function will redirect it to http. So use that function in pages where you dont want https and use CommonHelper.EnsureSSL() where you want https.
I have no idea about higher versions.
I've been trying to get SSL to work on the contact form but nothing seems to be working. I've used the following syntax: