Secure URL-only Server Configuration

The Intershop Commerce Management application may generate secure (https) and/or insecure (http) URLs with each response. Web applications should use secure URLs only in order to achieve a good search index position.

The Intershop Commerce Management application can be configured in order to generate secure URLs only and to redirect insecure requests to the corresponding secure URL.

To enable or disable secure only mode, the SecureAccessOnly property needs to be configured. The following settings are available:

Table 1. SecureAccessOnly property settings
Setting Description
true Enables the secure only mode which generates only secure URLs. Insecure requests will be redirected to the corresponding secure URL.
false Disables the secure only mode. Both secure and insecure URLs can be generated.

The SecureAccessOnly property can be set for sites, apps or the entire cluster (system-wide). Examples of possible configuration file locations are:

  • App-specific property:

    $IS_SHARE/system/config/apps/<appName>/ssl.properties

  • Site-specific property:

    $IS_SHARE/system/config/domains/<domainName>/ssl.properties

  • System-wide property:

    $IS_SHARE/system/config/cluster/ssl.properties