Sorry, yup you were right. Somehow my FTP program cached my changes to the includes/configure.php file so they looked like they changed but weren't. So the checkout is working, but the admin login page is still unencrypted - is there any way to fix that?
same way ... there's an admin/includes/configure.php file
.
Zen Cart - putting the dream of business ownership within reach of anyone!
Donate to: DrByte directly or to the Zen Cart team as a whole
Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.
Okay, I triple checked and this is what I changed on the admin/includes/configure.php file:
* If you desire your *entire* admin to be SSL-protected, make sure you use a "https:" URL for all 4 of the following:
*/
define('HTTP_SERVER', 'https://kernroadfarm.com');
define('HTTPS_SERVER', 'https://kernroadfarm.com');
define('HTTP_CATALOG_SERVER', 'https://kernroadfarm.com');
define('HTTPS_CATALOG_SERVER', 'https://kernroadfarm.com');
// Use secure webserver for catalog module and/or admin areas?
define('ENABLE_SSL_CATALOG', 'true');
define('ENABLE_SSL_ADMIN', 'true');
It logs onto the admin site in SSL, but I can just take the s out of https:// and I can still mess with the admin side. Is there anything else to change?
It's working as presently designed.
On almost any website you'll be able to take the "s" out of "https" and access the site. In some cases it will auto-switch you back to https immediately, or it will deny access if the host has set up certain .htaccess rewrite rules.
With Zen Cart, if you get into the page as non-https, then as soon as you click on a link or submit a form, it will force it back into https so that everything you've submitted is protected. (This all assumes you've used https on all the URLs in your admin configure.php file.)
If you want finer control than that, you'll have to get creative with .htaccess rewrite rules.
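The kind of .htaccess rewrite rule mentioned in the reply above, as an added example that is not part of the original thread and not Zen Cart's own code. It assumes Apache with mod_rewrite (and optionally mod_headers), that the file is the .htaccess in the admin directory, and that TLS terminates on the web server itself.

```apache
# admin/.htaccess (added example; assumes mod_rewrite is enabled and
# AllowOverride permits these directives in the admin directory)

RewriteEngine On

# Match any request that reached the admin directory without TLS.
# %{HTTPS} is "on" only when this server handled the TLS handshake; behind a
# TLS-terminating proxy or load balancer it stays "off" and this rule would
# loop, so test the proxy's forwarded-protocol header there instead.
RewriteCond %{HTTPS} !=on

# Send the browser to the same path over https. The host is written out
# (the one used in configure.php) rather than taken from the request's Host
# header, so the redirect target cannot be steered by the client.
RewriteRule ^ https://kernroadfarm.com%{REQUEST_URI} [R=301,L]

# Optional, needs mod_headers: browsers that have visited over https once
# will upgrade later http:// requests themselves before sending them.
# Note that this header applies to the whole host, not only the admin area.
<IfModule mod_headers.c>
    Header always set Strict-Transport-Security "max-age=31536000" env=HTTPS
</IfModule>
```

The redirect only takes effect after the plain-HTTP request has already arrived, so anything carried in that first request has crossed the network unencrypted. Keeping all four URLs in admin/includes/configure.php on https, as described above, is what keeps the admin's own links and forms on https.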
Okay, I thought I could get the actual admin login page to go into SSL mode but it really isn't a big deal. Thanks for all the help guys!!
The actual admin login page does operate in SSL mode.