My site just did a redesign and now the SSL's do not work as desired
and I have no clue why.  

Here is the scenario:

The Home page on initial connection is NOT using SSL. 

I can select any noon SSL page and remain a noon SSL page

I select one of the 2 SSL pages and I get SSL (ie: https in the address
bar and the lock icon in the browser)

>From this point on every page is now defined as SSL.  I see this by
any link on the page and the link displayed in the lower left corner is
listed as https.  If I choose the link the address bar is https and the
lock icon appears.

The problem is that if I choose any of the links back to the Home page I
get the POP up "This page contains both secure and non secure item."

The address bar stays as https but the lock icon disappears.

No changes were made to the httpd.conf or ssl.conf files.

I have the following redirects in place and I can see the first 2
working when I enable rewrite logging.

I never see the 3rd one run.
RewriteCond %{HTTPS}             !=on
RewriteCond %{REQUEST_URI}        ^.*/cf/store/.*
RewriteRule ^/(.*)                https://%{SERVER_NAME}/$1  [L,R]

## For Digsig
RewriteCond %{HTTPS}             !=on
RewriteCond %{REQUEST_URI}        ^.*/cf/digsig/.*
RewriteRule ^/(.*)                https://%{SERVER_NAME}/$1  [L,R]

## For Everything Else
RewriteCond %{HTTPS}            =on
RewriteCond %{REQUEST_URI}      ^.*/.*
RewriteRule ^/(.*)              http://%{SERVER_NAME}/$1 [L,R]

Any suggestions as to what or where to look would be greatly
Apache Interface to OpenSSL (mod_ssl)                   www.modssl.org
User Support Mailing List                      modssl-users@modssl.org
Automated List Manager                            [EMAIL PROTECTED]

Reply via email to