I wonder whether someone can advise please ...
We currently use HTTP for internal traffic across a private line to a hosted web dispatcher and SAP Enterprise Portal. However we now have a requirement to allow external customers to access this Portal - but because this is traffic will be over the public web, we will be forcing them to use HTTPS to the web dispatcher /EP.
We are being advised that best practice is to avoid mixed protocols (HTTP and HTTPS) on a web dispatcher. This means that to allow our external customers access via HTTPS only, we will have to start using HTTPS internally. This is an inconvenience, since our traffic is purely internal - and will mean changing our internal URL for thousands of users.
Is it correct that mixed (HTTP and HTTPS) protocols should not be handled by the web dispatcher? If so - are perhaps missing a trick - is there a cunning way of forcing external customers to use HTTPS to access the EP, whilst retaining our internal access over HTTP?