Don’t feel stupid… it took me several days to figure it out!!
Since the last post, I’ve re-jigged the Apache rewrites so only calls to wp-login.php are forced to HTTPS and all others are rewritten to HTTP. I then put the “WordPress address (URL)” back to plain old HTTP and everything is still working.
It means I am now using SSL only for the login process and nothing else… as it should be to keep the server load as low as possible.
I have found that any Apache re-writes does this. I have all HTTP requests to the wordpress and wp-admin directories rewritten to HTTPS and had the same issue. I did this to force login with SSL, and then have all the other directories rewritten back to HTTP.
I fixed it by putting the “WordPress address (URL)” to “https://www.mysite.tld/blogpath” in the options. (Note the httpS)
