If you notice the following issues on your shopping cart:
There are 2 possibilities that may cause these issues. Below are the explanation and also the workaround.
1) Shared SSL
The easy way to see if you are running shared SSL is to check the domain name of the HTTPS page. If the full domain name is different from your shopping cart domain, your are almost certainly running on Shared SSL certificate.
For example : :
http://www.myshoppingcart.com -> https://secure.mywebhost.com/myaccount (This is SHARED SSL)
http://www.myshoppingcart.com -> https://www.myshoppingcart.com (This is DEDICATED SSL)
VP-ASP does not support shared SSL and will not work properly with it. When the customer is being transferred to the secure area, the web browser will use a new session ID due to the different domain name and thus the references to the previous session will be lost.
If you do require an SSL certificate, we highly recommend you to use a dedicated SSL certificate. You may need to check with your hosting to provider to ensure they allow dedicated SSL on your account.
2) IIS setting "New ID on Secure Connection (keepSessionIdSecure)" is enabled.
If you have a dedicated SSL installed but still having the same issue, your sever may have the IIS option "New ID on Secure Connection (keepSessionIdSecure)" enabled.
If this is the case, a separate session ID will be used for the HTTPS page and the cart will not be able to access the old session that hold the content and the cart and thus you will experience "Cart is empty" issue.
To resolve this, you will need to disable the option "New ID on Secure Connection (keepSessionIdSecure)" which can be found on IIS -> ASP -> Session State configuration folder.
Alternatively, you could also create a web.config file with the following content: