Enabling the HTTPS protocol for X-Cart when HTTPS is not correctly configured on your server breaks the access to X-Cart’s Admin interface. Please ensure that HTTPS has been set up correctly on your server before enabling HTTPS support in X-Cart Admin to avoid this unpleasant situation.
X-Cart has an "HTTPS status check" feature that helps detect some common problems like an SSL certificate missing or invalid. However, there is no 100% accurate method that we could use to tell whether a secure protocol is or is not working for your specific server configuration. For this reason, please, think twice when deciding whether HTTPS support may be enabled in X-Cart. Before clicking the button, you should know what you are doing, or it may mess up your site.
If this warning is too late and your X-Cart Admin area is already inaccessible due to HTTPS support being enabled on the wrong configuration, let's try and fix the problem. The most obvious solution would be to fix the problem with HTTPS on your server. As soon as HTTPS is working, you should be able to reaccess your store's Admin area.
If, however, it may not be possible to enable HTTPS properly at this time, you can restore access to X-Cart Admin by completing the following steps:
Reset the values of the fields admin_security and customer_security in your store’s database. You can find these fields in the table xc_config, provided that during X-Cart installation, you chose to use the
xc_MySQL table prefix. The following MySQL statement will select the fields in question from the database table xc_config:
SELECT * FROM `xc_config` WHERE `name` LIKE "%security%";
The following statement will reset the field values:
UPDATE `xc_config` SET `value`=0 WHERE `name`="admin_security" OR `name`="customer_security";
Remove the folder var/datacache/ in your X-Cart installation directory.