Skip Navigation
How do the SEC_ADMIN_HTTPS and SEC_END_USER_HTTPS keys work?
Answer ID 10562   |   Last Review Date 01/29/2019

How do we control the enforcement of SSL on our console, or end-user pages?


Sites that use custom domain SSL
All supported versions


We are interested in modifying the way SSL/TLS is enforced for our site/interface..


There are two primary configuration settings that control SSL/TLS behavior for your site/interface. The SEC_ADMIN_HTTPS setting controls the behavior for the .NET admin console. SEC_END_USER_HTTPS controls the behavior for your end-user pages.

Enabling both will mean that SSL/TLS is forced. This is the most secure method but can lead to issues in various areas of the product if the respective SSL/TLS certificate is not in good standing for any reason. 

If these settings are disabled, then the client device's request is honored, meaning that if an end-user enters HTTP in their browser, the communication will use that, while if they enter HTTPS it will use SSL/TLS, assuming there are no cert issues present.

These settings are only configurable by Technical Support. If you would like to make a change please submit a service request via Ask Technical Support.

Available Languages for this Answer:

Notify Me
The page will refresh upon submission. Any pending input will be lost.