Versions: (From Server/Version Page in admin)
PHP Version: 4.4.2 (Zend: 1.3.0)
Server OS: Linux 2.6.9-39.0.2.EL
Database: MySQL 4.0.25-standard-log
HTTP Server: Apache/1.3.36 (Unix) mod_gzip/1.3.19.1a FrontPage/5.0.2.2635 PHP/4.4.2 mod_ssl/2.8.27 OpenSSL/0.9.7a
Further info: alarmingly, the session seems to change its id quicker than the timeframe of 24 minutes. If I go to my checkout (which is SSL) then browse other items (using a sidebox, the bettercategories one) i go out of SSL mode to a normal http:// page. I can navigate for a bit, but usually i find that a couple of pages later, I cant go back to 'my account' without logging in again. (the invalid ssl session id message appears).
I made the changes suggested below by Ajeh, and I needed both to get past the previous problem. Using my modded login box contrib, i can see the logged in user session is not lost when it switches from https to http.
I'm really clicking things in any order, I really want to try and break this myself (as a user) with a chance to fix it before we go live!
Thanks again for your time!!



