Applying, secure URL to a Magento store, could have been like applying butter over bread, if we go by every post or tutorial available over the web. But it turned out to be a brain-exhausting experience for me.
The issue I faced was as follows:
- user adds a product to cart.
- when clicked on “Proceed to Checkout” button, Magento used to redirect user back to cart page with the message, “Shopping Cart empty”.
- I used to loose login session, whenever i tried to move to HTTPS on URL.
I tried, every kind of tip and trick available, to fix this but to no relief.
Finally, I figured that the server had ‘Suhosin Extension‘ installed.
This extension used to encrypt the session values, and hence Magento was unable to find the session with the new encrypted name, so it brought all the trouble.
the workaround to this would be to add, the following line in .htaccess:
php_flag suhosin.session.encrypt Off
if you too have you session handled by filesystem, as i had, you can add the following too to resolve issues with user’s session being lost:
php_flag suhosin.session.cryptdocroot Off