force_ssl_login should only redirect the login screen. are you sure you are using this config only? pls post your config.ini.php

Attachment: Configuration file
config.ini.php

Matt, thank you for taking time to respond to this ticket. I've created an attachment with my config.ini.php
I've replaced the stuff dealing with passwords.

I've got the same behavior.
When i switch force_ssl_login=1 it will change the login page to HTTPS. So far it is right!
After successfull login it will not switch back to HTTP. Therefore the OverlayPage is trying to use HTTPS to the web page i'm tracking. But there is no HTTPS avialable.
Eather the OverlayPlugin uses HTTP or HTTPS as configurable parameter or a switch back to HTTP after login PIWIK will do the job.

My proposal is to save the compelete "URLs" like "http://myside.com" or when used HTTPS then "https://myside.com" in the "configuration -> websides" configuration page.

The "OverlayPage" should use precise this URL. So it is possible to use HTTP or HTTPS in the OverlayPage URL in the way the web side is accessable without dependence of accessing the PIWIK web side.

Best regards!

In a7c4cf9: Refs #3691, refactor Goals 'conversions by type of visit' template/logic into reusable View in CoreHome.

Notes:

• Removed need for initial AJAX loading in new view.

Wrong ticket, a7c4cf9 refs #3619.

I dont actually see as a bug that we stay on SSL...

well, then I would characterize the force_ssl_login option at least as "unclear" in what it does. I would expect that it just forces the login screen to be in a ssl connection, whereas

1. it forces all access to piwik to be in SSL, and not only the login screen (what would be the difference with force_ssl??)
2. it brakes features of piwik's web interface for non SSL sites.

This should be worth at least a comment or explanation in the documentation

Actually there is already a bug report which I just found: #4001