It might be cleanest to troubleshoot why you're seeing errors when encrypting all the traffic. You might be able to fix the errors by removing absolute references to HTTP from within the page content. To make changes to the HTTP content, you can use a stream profile (
Click here). To make changes to the HTTP headers, you can use the HTTP::header commands (
Click here).
If you do try to serve some of the content via HTTP and some via HTTPS, there are a few potential issues:
- It's likely that the browser will generate an insecure content warning if you're referencing HTTP content within a document that the client requested over HTTPS.
- If you redirect from HTTPS to HTTP, some browsers will generate a warning that the client is being redirected from a secure to non-secure connection.
- Lastly, if the user is submitting a request with their personal info, new username (and password?), it might be one area of the app you would want to secure with HTTPS.
If you want to try encrypting all traffic, could you provide more detail on what in the requests is failing?
Else, if you want to go with selective encryption, I imagine you would need to modify the HTTP headers and/or page content being sent back to the clients to indicate they should request specific content via HTTP.
Once you provide more detail on what you'd like to do, we can provide some pointers for how to do it.
Aaron