Commerce Service Center applications use SSL during user log in. When using HTTPS, you must disable the default access controller. The <ATG11dir>/Service11.0/Service/Framework/Agent/liveconfig/atg/userprofiling/ file identifies a number of settings required when using HTTPS.
ProtocolAccessController.properties
For more detail, see the section Ensuring HTTPS Connectivity in the Commerce Service Center Installation and Programming Guide, and Configure SSL in the Platform Installation and Configuration Guide.
