The scenario you describe is really a proxy server scenario. The Web server does not have an ssl certificate so it is not encrypting traffic but another server sits in front of the web server and and serves as a proxy for the real web server, it intercepts requests from the client web browsers and it encrypts traffic between itself and the web browsers, but behind the scenes it makes a non secure request to the web server, it gets the result and encrypts it and send it back to the browser.
The problem in this scenario is that the web server itself does not know the request is secure, from its own point of view it is not a secure request, but a standard request. More specifically the normal way we detect a secure request is to check
but in this scenario it always returns false, because as stated the traffic between the web server and the proxy server is not really secure, only the traffic between the proxy server and the web browser is secure.
So what happens when you set SSLIsAvailable to true, mojoPortal code is trying to secure the important pages such as login, register, user profile by redirecting non secure requests to make them secure. But since it can never detect a secure connection it results in a redirect loop.
One option, is leave SSLIsAvailable as false and ask the host or service provider if they have a way to force all traffic as secure. In other words mojoPortal code doesn't have to be the one doing redirects to force secure requests, the external provider may be able to do that for you.
There may be another way to make it work but it depends. Sometimes a proxy server will provide a custom server variable that can be used to tell the web server that it is a secure request. mojoPortal has configuration settings to tell it to look for a custom server variable but to do that we need to know the name of the custom variable and what value it should have.
What I would like you to do is look for this in Web.config and either change it to true there or copy it to user.config and make it true in user.config
<add key="EnableDeveloperMenuInAdminMenu" value="false" />
also for now set SSLIsAvailable as false
create a temporary user with admin role and privately send me credentials and the url to login. joe dot audette at g mail dotcom
That will allow me to look at Administration > Advanced Tools > Developer Tools > Server Variables
By looking at that page with both http and https I can see if there is any custom variable available. If there is then I may be able to tell you configuration settings to solve the problem.
after that you can delete the temporary user.