Okay, I feel really embarrassed. SslRequirement.disable_ssl_check = true
was not part of production environment. Last time I checked that, I grepped and didn't check the filename - it comes enabled in the development environment. So, for reference: If you don't use the setting above, the plugin is going to jump between protocols depending on ruby class attributes it seems, providing a way to register "Need SSL all the time" actions and redirects any other traffic to http. After looking at the stuff now I think the idea was that you "return" to http if your "elevation" for login/whatever is fulfilled. But it downgrades to http unconditionally in that method for everything that doesn't care about the protocol. Bottom line: This is solved for me. I really thank everyone for wasting time on this/me and hope this might help someone else in the future.. -- To post to this group, send email to gitorious@googlegroups.com To unsubscribe from this group, send email to gitorious+unsubscr...@googlegroups.com