I have an server where run an Tomcat Server with an Java App. Besides run also an Apache2 Server which work as reverse proxy where I had set 2 VirtualHosts. #HTTP(www/non-www) -> HTTPS(non-www) <VirtualHost *:80> ServerName mydom.com ServerAlias www.mydom.com Redirect permanent / https://mydom.com/ </VirtualHost> #ACTIVATE HTTPS AND REVERSE PROXY -> myapp <VirtualHost *:443> SSLEngine On SSLCertificateFile /opt/ssl/new/mydom.crt SSLCertificateKeyFile /opt/ssl/new/mydom.key SSLCertificateChainFile /opt/ssl/new/mydom.ca-bundle BrowserMatch ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0 SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL ServerName mydom.com ServerAlias www.mydom.com ProxyRequests Off ProxyPreserveHost On ProxyPass / http://127.0.0.1:8080/myapp/ ProxyPassReverse / http://127.0.0.1:8080/myapp/ </VirtualHost> Code (ApacheConf): My problem is that session not persist between requests. At every request session have another id. I test this it with this: @Controller @RequestMapping(value = "/sess") public class TestSession{ @RequestMapping(method = RequestMethod.GET) public void mainPage(HttpServletRequest request, HttpServletResponse response) throws IOException{ HttpSession session = request.getSession(); response.setContentType("text/html"); response.getWriter().println(session.getId()); } } Code (markup): I access it like this: mydom.com/sess and on page is printed id of session. In first phase I thought is a problem at my app. But I tested it on localhost on my PC and everything works. Session persist. After a while I found the problem is at how I access my app. If I put in url bar https:// mydom.com/sess, session persist. If I put only mydom.com/sess(redirect to https), session not persist. How I can fix that?