czep

Problem solved. nginx does not automatically set the _SERVER[‘HTTPS’] variable, which is how wp-login.php detects whether SSL is being used. Add this line to the nginx server configuration file (for your SSL connection only) to ensure that the HTTPS variable is set:

fastcgi_param HTTPS on;

My web server is nginx which does not rely on htaccess files, and I have no other plugins active as of this time. Based on searching the wordpress 2.7 installation files, I can see that FORCE_SSL_ADMIN is used in 5 files:

wp-login.php
wp-settings.php
wp-includes\functions.php
wp-includes\link-template.php
wp-includes\pluggable.php

I am going to look at each of these files to see if I can figure out why this particular directive is not working in 2.7. I will write back if and when I can find an answer.

When I use both, I get the same problem as if I use only FORCE_SSL_ADMIN alone.

I have the same problem with WP 2.7: FORCE_SSL_LOGIN works but FORCE_SSL_ADMIN results in an infinite redirect loop. I, too, would prefer to use FORCE_SSL_ADMIN as it encrypts the entire admin session, not merely the exchange of cookies. According to Ryan’s post on SSL and Cookies, you should be able to use either one of these statements alone, not together.