EP: Warning – No Switch to HTTPS occurred
In my time working alongside the Enterprise Portal I have come across multiple different types of error messages and exception warning popups. Such occurrences are often informative in their presentation and can lead the affected users down the path of achieving a straight forward resolution quite quickly. On some occasions different exception references appear which might at first glance appear confusing and may leave us perplexed as whether they are related to the Portal itself or the environment in which it functions. By environment here I am making reference to the landscape, the data accessed, applications utilized and external/internal dimensions of our business requirements.
“No Switch to HTTPS occurred”
In certain situations an error exception referencing “no switch to HTTPS occurred” will arise and we are going to address this now and explain why such a warning message would appear in the first place. Ordinarily encountering this particular messages goes hand in hand with initial Portal logon:
- Logon to the Enterprise Portal from desktop
- A popup message will appear (in full it reads)
- “Protocol cannot be switched to HTTPS, HTTPS is not configured active“
- “No switch to HTTPS occurred, so it is not secure to send a password“
Why would such a message appear?
There are several possible reasons as to why this particular warning message appears and it ordinarily comes down to SSO/SSL configuration discrepancies and a clean-cut resolution is specific to each customers system and setup. Obviously such a warning message can prove to be distracting to user bases and needs to be removed in order to maintain best practices and secure operations.
Solving the Issue & Removing the Message
If you want to go about removing the message and ensuring safe transmission of passwords is supported in your environment by the correct parameter settings the first core point of reference should be the following Knowledge Based Article:
- SAP KBA: 1857366 – No Switch to HTTPS Occurred
In true essence as the note highlights this popup exception warning deals with and is associated to no switch to HTTPS occurring (HTTPS recommended) so the password set to be transmitted encrypted and hence not in a secure manner.
- From a high level perspective naturally for external facing systems and any form of production systems HTTPS should always be used.
Nice one Troy. Indeed: this statement should be valid for every system in a company, to transport ANY business data without SSL is simply irresponsible.
Many thanks for the feedback it is greatly appreciated.
I agree completely and in some instances I've come actually come across non-ssl setup and mixed protocols which on most occasions is obviously unintentional but a serious concern nonetheless.
Again thank you for the feedback and if you have any Portal queries down the line feel free to reach out.
Kind Regards & All The Best
good work Troy!
Thanks Hemanth 🙂 greatly appreciated