I learned some things reading this post, and came up with a workable, code-free configuration, as follows:
My testing showed that without sslRedirection="ToHttpsOnly",
page requests tend to redirect themselves to http:// protocol
regardless of whether they were https:// or http:// locations to begin
Adding the sslRedirection="ToHttpsOnly" prevents the page from
automatically redirecting itself to http://, while still allowing an
http:// request to be executed without a problem. This behavior occurs
when the page properties are default (it does NOT have Require SSL set
To maintain login page forced security, and a "preference" behavior site-wide for https:// , I set
login.aspx property Require SSL = Yes. Other pages are at the default
(No). web.config edited for: <cms sslRedirection="ToHttpsOnly"...
Now I get forced secure login, and default page requests defer to SSL. Works OK for me.
Sitefinity 3.7 SP4