On Friday 22 February 2002 08:53 pm, duncan gray wrote: > Ok, you guys I guess are getting sick of this so ill > try and be brief, I discoverd its very easy to enable > ssl on your server e.g. site setting turn on ssl, then > go to the ssl certificate page, fill in the details > and create your self signed certificate.. Now the > question is when i type in > https://www.myserver.com/admin > (after saying yes i accept this dodgy certificate) > it gives me the admin page login, I put my details in, > but once the I click ok I notice that the admin pages > have defaulted back to http:// instead of https://
This is not normal. it should stay in https What browser are you using, and have you tried it with different browsers? > I dont think that this is that important as long at > the main login bit was done using the encryption, but > my question is .. is it? or is a redirect or something > going on first which is redirecting it to the login > bit with out the encryption. The answer is how does one actually find out?, unless you have a sniffer. As a SWAG the login is encrypted. -- Gerald Waugh _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
