I'm using the force_ssl_login option to force the login screen to use SSL. Now I want to use the new overlay feature and am confronted with a message that "The Page Overlay session couldn't be launched yet."
From the faq I see that this happens because piwik uses SSL and the overlayed site does not support it. I tried to change the URL in my browser from https://mypiwikhost/xxxx to simple http, but this redirects again to the https version because of this force_ssl_login option. When I disable the force_ssl_login option, I see the overlay with no problems.
So the issue is that with the force_ssl_login option I can't use the overlay function on non SSL Sites. It seems that not only the login screen but all the piwik actions are redirected to SSL.
Keywords: overlay force_ssl_login
force_ssl_login should only redirect the login screen. are you sure you are using this config only? pls post your config.ini.php
Matt, thank you for taking time to respond to this ticket. I've created an attachment with my config.ini.php
I've replaced the stuff dealing with passwords.
I've got the same behavior.
When i switch force_ssl_login=1 it will change the login page to HTTPS. So far it is right!
After successfull login it will not switch back to HTTP. Therefore the OverlayPage is trying to use HTTPS to the web page i'm tracking. But there is no HTTPS avialable.
Eather the OverlayPlugin uses HTTP or HTTPS as configurable parameter or a switch back to HTTP after login PIWIK will do the job.
The "OverlayPage" should use precise this URL. So it is possible to use HTTP or HTTPS in the OverlayPage URL in the way the web side is accessable without dependence of accessing the PIWIK web side.
In a7c4cf9d9c3b3a172acd30e07c68974826aa61e6: Refs #3691, refactor Goals 'conversions by type of visit' template/logic into reusable View in CoreHome.
Wrong ticket, a7c4cf9d9c3b3a172acd30e07c68974826aa61e6 refs #3619.
I dont actually see as a bug that we stay on SSL...
well, then I would characterize the force_ssl_login option at least as "unclear" in what it does. I would expect that it just forces the login screen to be in a ssl connection, whereas
1) it forces all access to piwik to be in SSL, and not only the login screen (what would be the difference with force_ssl??)
2) it brakes features of piwik's web interface for non SSL sites.
This should be worth at least a comment or explanation in the documentation
Actually there is already a bug report which I just found: #4001