How do I force users to go SSL but not force campaigns to do so?

[mgaudette]

I'm using Apache and Sugar 4.5.0.

I'd like my users to be forced to use HTTPS, for obvious reasons. (sometimes they are logged in coffee shop with unsecured wireless). I am not using a real certificate from a known CA. Thats not a problem for anyone here.

BUT, I want the campaign tracker links NOT to use HTTPS, but HTTP. Because I don't want my targets to have
this "certificate warning" popup.

Is there a way to do this? Stopping HTTP from Apache works, but then again campaigns are sent using HTTPS links. Permitting both allow the users to get in with HTTP instead of HTTPS.

Any help or hint is welcomed.

Mike

[florenceit]

you cant just setup the bookmark link (or pass it out however you do it) for your users to the https site, while specifying in sugar the site url referencing straight http? this is what i do. you could setup some alias website name with apache that forwarded to https one way or another im sure , but the same thing is acomplished the first way. after all you are the one telling the,m where to go.

actually, i was just thinking: you could probably use apache's mod_rewrite for whatever php files are used on the login screen and force that over to an https adderess. im not an expert on this, but im pretty sure you can do this as ive done similar but not involving secure/nonsecure, though i dont see why it should make a difference.

[sebek]

I would also like to do this, force https on entire sugar (no problem - just apache redirect), but the to exclude url trackers form https (targets don't like to click - accept certificate in browser )

Thanks for any help.