My b2evolution Version:
My b2evo blog (version 3.3.1) http://www.whistl.com/blogs/index.php is hosted at hostmonster.com. I don't pay for a dedicated IP so I can't use my own SSL certificate, but the shared server I am on has it's own SSL certificate.
I want to use SSL to encrypt my session when I login and manage my website only, so I don't care that the SSL certificate CN doesn't match my domain name. I just don't want my login/password flowing unencrypted on the Internet.
When I try to use https://www.whistl.com/blogs/index.php , I am immediately redirected to http://www.whistl.com/blogs/index.php . I know it's not the webserver doing that, because I also have gallery2 installed and can access it via https://www.whistl.com/~whistlco/gallery2/main.php.
Why does b2evo redirect my https access to http? Do I have something misconfigured?
You need to set htsrv_sensitive ... or sumat, in /conf/_advanced.php ... it'll only protect your login pages though, not the whole of your blog
¥