By default when SecureUrls=YES, the webagent will reject any request to an FCC that does not have SMQUERYDATA in the query string, and will throw a HTTP 500 error.
However, a switch in smpwservices.fcc called @smpwselfchange will undo this requirement for the smpwservices.fcc, so that users can do User Initiated Password Change while having SecureUrls=YES.
Following error is logged in webagent trace log.
[CSmHttpPlugin::ProcessResource][Error. Unable to handle request in Secure Mode.]
Set @smpwselfchange directive in smpwservices.fcc is (i.e.) @smpwselfchange=1 and SecureUrls=yes.
Set the ACO parameter SecureUrls to "yes".
Open smpwservices.fcc and set @smpwselfchange=1
Open a browser and access the password services FCC with no SMQUERYDATA, but with SMAUTHREASON=34 (to mimic user initiated password change) such as:
The smpwservices.fcc with the template for User Initiated Password Change (username, old password, new password, confirm new password) will be shown.