[ic] Force SSL on all IC Web Pages

Kevin Walsh kevin at cursor.biz
Mon Aug 7 21:31:02 EDT 2006

"Tommy Pruitt" <tpruitt at pruittcom.com> wrote:
> This is probably an apache question but....
> How can I force all users to https when going to my pages that are IC?
> If I enter https://www.mywebsite.com/ I get the lock and can see that my
> certificate is valid.  As soon as I make a selection from my products
> menu my "s" goes away.  Thanks for any help.
Check your catalog.cfg file for "VendURL".  The VendURL is probably
built from variables.  Find out how the VendUrl is built and change
the appropriate part from "http" to "https".

For instance, if your VendURL looks like this:

    VendURL  http://__SERVER_NAME____CGI_URL__

Then change it to look more like this:

    VendURL  https://__SERVER_NAME____CGI_URL__

Any URIs built by Interchange (using [area] and [process] etc.) will
use the VendURL config directive's value.

That won't prevent people from visiting your website using straight HTTP
(you cab enforce that using your the Apache config), but it will ensure
that all links point at HTTPS pages.

   _/   _/  _/_/_/_/  _/    _/  _/_/_/  _/    _/
  _/_/_/   _/_/      _/    _/    _/    _/_/  _/   K e v i n   W a l s h
 _/ _/    _/          _/ _/     _/    _/  _/_/    kevin at cursor.biz
_/   _/  _/_/_/_/      _/    _/_/_/  _/    _/

More information about the interchange-users mailing list