I recently had an SSL cert installed for my website so turned on securewebpages but this caused the site to have an infinite redirect loop when it tried to redirect to https.

My config is currently
<secureWebPages mode="On">
            <file path="/profile/login.aspx"></file>
            <file path="/profile/register.aspx"></file>
            <directory path="/checkout"></directory>
  </secureWebPages>

Using firebug I can see that the location in the response header is the correct https uri and the response code is 302 Found.

When I turn secureWebPages off and navigate to any page under https it works fine.

Any ideas?

Cheers
Tim

Hi Tim,

Please read a list of troubleshooting tips that we compiled here -- http://docs.mediachase.com/doku.php?id=ecf:41:tutorials:ssl

Hope this helps.

Mediachase Software 

I have sorted the issue now.

It was due to my server hosts configuration. For some reason it was never returning the absolute URI having https therefore the SSLFilter module was continuously redirecting to https.

The host admin told me to search for the  Header value X-HTTPS rather then rely on the Absolute URI or servervariables.

I downloaded the source from the link below and made the changes as mentioned in the highlighted forum post but used Request.Headers["X-HTTPS"] == "on" rather than

Request.ServerVariables["HTTP_CLUSTER_HTTPS"] != "on"

http://www.codeproject.com/KB/web-securit/WebPageSecurity_v2.aspx?msg=2641746#xx2641746xx

Cheers
Tim

Hi Tim,

Glad you were able to sort it out. Thanks for your contributions!

Best,
Richly
Mediachase