I use a rewrite rule in Apache that forces them to https.
I know that it is not exactly what you want, but maybe it'll help.
<VirtualHost *:80>
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://webmail.example.com/ [R,L]
</VirtualHost>
Rdgs, S
On 01/01/2012 07:39 PM, Fred Bacon wrote:
> I just upgraded my company's Roundcube installation from 0.5.3 to 0.7,
> and I have an interesting problem.
>
> We have the force_https option set to true. In the past, if you went to
> the unencrypted address and tried to login, you would be redirected to
> the encrypted connection, and your login would succeed.
>
> Now, if you go to the http address and try to login, you are not
> redirected to the encrypted connection, and you get an error stating
> that "Your session is invalid or expired" when you try to login.
>
> Can anyone else confirm this error? It's not a show stopper, but it is
> a little annoying that the behavior is different. I'm sure to get
> complaints on Monday. *sigh*
>
> Thanks,
>
> Fred Bacon
> Aerodyne Research, Inc.
>
--
List info: http://lists.roundcube.net/users/
BT/8f4f07cd
