PHP session.cookie_secure: Disables sessions when set to true

Question

When I set the following config:

ini_set("session.cookie_secure", 1);

My whole application's session disables and I can no longer write to or read from session variables.

$sessionName = "us";
session_name($sessionName);
ini_set('session.cookie_httponly', 1);
ini_set('session.entropy_file', '/dev/urandom');
ini_set('session.hash_function', 'whirlpool');
ini_set('session.use_only_cookies', 1);
// ini_set('session.cookie_secure', 1);
session_start();
session_regenerate_id();

Is this config compatible with session.cookie_secure? PHP Manual doesn't seem to have explanation of all these configs. Manual

Answer 1

Setting session.cookie_secure to true means that it will only send the session cookie over a secure connection aka (SSL)

If you aren't using SSL then you won't be sending the session cookie in your requests

Read the PHP manual about session.cookie_secure.

Answer 2

session.cookie_secure specifies whether cookies should only be sent over secure connections (HTTPS). If you're using HTTP, you won't get any cookies from the server. That's why you don't have a session.

edit: I should be more accurate. You get the cookies, but your browser doesn't send them to the server, because you're not using a secure connection.