Hey gang,

Hoping someone can help me with my SSL woes...

I have a small (5 page) C5 installation in a /buy2 directory for a client (will be /buy when launched). It's using the eCommerce plugin.

Basically, I enforced HTTPS in the .htaccess of the main, static site in the web root with the following:

RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$http://www.spinfarming.com/$1 [R,L]

Then, I tried to do the same for the C5 install in /buy2/.htaccess (spinfarming.com/buy2/):

# -- concrete5 urls start --
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /buy2/
RewriteCond %{HTTPS} off
RewriteRule (.*)https://%{HTTP_HOST}%{REQUEST_URI}... [R,L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME}/index.html !-f
RewriteCond %{REQUEST_FILENAME}/index.php !-f
RewriteRule . index.php [L]
</IfModule>
# -- concrete5 urls end --

Adding

RewriteCond %{HTTPS} off
RewriteRule (.*)https://%{HTTP_HOST}%{REQUEST_URI}... [R,L]

Per this How To:http://www.concrete5.org/documentation/how-tos/developers/force-htt...

Additionally, my site.php file shows:

define('BASE_URL', 'https://www.spinfarming.com/');

When I move around those pages the HTTPS icon flashes briefly, then disappears. And, more problematic, when checking out to PayPal using IE 7/8, there is a security 'unencrypted content' warning...

Any ideas? Thanks!

Joel