Can my software application maintain state when switching from normal HTTP (non-secure) protocol to HTTPS (secure) protocol?

When you change from non-secure (HTTP) to secure protocol (HTTPS), any cookies or client variables you are using with one protocol will not be recognized from one state to the next.
 
This is true since the web server views activity under each different protocol as completely different user sessions, so it does not maintain variable state between the two different protocols.
 
This is true whether or not you use a shared or dedicated SSL certificate. Because of this, it is best to use HTTP protocol for most user activity, and only switch to HTTPS protocol for sensitive data gathering, and then after receiving the data, provide a deliberate and compelling hyperlink that takes the user back into HTTP protocol.
 
For example, to go into secure mode, you would provide a hyperlink like:
https://www.domain.com/shoppingcheckout.htm and after checking out, the user would be presented with a hyperlink like:
 

 

  • Email, SSL
  • 0 Users Found This Useful
Was this answer helpful?

Related Articles

What is the difference between shared SSL and private SSL?

A shared SSL displays as https://ip/~yourusername/. A private SSL would display as...

Why are my FrontPage extensions not working?

You must first make sure you have installed the extensions from going into your cpanel and...

Application Paths

Here are the applications paths. If you do not see what you are looking for, please email...

Custom error pages

To create a custom error page for your account you will need to upload a file with the...

How do I use SSL to setup my email?

Set your mail server to the host name for SMTP/POP3/IMAP (instead of domain.com) and then make...