For a client site the digital certificate is installed and working just fine if I create a link with "https://..." My questions are these: 1. Is there a way (other than with some kind of meta refresh) to force the browser to open SSL even if they don't type "https://..."? I.e., if a user tries to go to http://www.somedomain.com/index.htm it automatically redirects them to https://www.somedomain.com/index.htm 2. I use relative references for most of my links inside the site (checkout.asp, not http://www.somedomain.com/checkout.asp). Let's say that on completing checkout.asp (which is under SSL) they are going to get directed to thankyou.htm - how do I make it so that page is _not_ under SSL? I.e., it would go to http://www.somedomain.com/thankyou.htm, not https://... (It never ceases to amaze me how much I _don't_ know after all these years!) Thanks, Joel