Patch-Magento_Checkout-M2.2.x-drop-session-fix.patch
--- Controller/Index/Index.php
+++ Controller/Index/Index.php
@@ -32,11 +32,35 @@ class Index extends \Magento\Checkout\Controller\Onepage
return $this->resultRedirectFactory->create()->setPath('checkout/cart');
}
- $this->_customerSession->regenerateId();
+ // generate session ID only if connection is unsecure according to issues in session_regenerate_id function.
+ // @see http://php.net/manual/en/function.session-regenerate-id.php
+ if (!$this->isSecureRequest()) {
+ $this->_customerSession->regenerateId();
+ }
$this->_objectManager->get(\Magento\Checkout\Model\Session::class)->setCartWasUpdated(false);
$this->getOnepage()->initCheckout();
$resultPage = $this->resultPageFactory->create();
$resultPage->getConfig()->getTitle()->set(__('Checkout'));
return $resultPage;
}
+
+ /**
+ * Checks if current request uses SSL and referer also is secure.
+ *
+ * @return bool
+ */
+ private function isSecureRequest(): bool
+ {
+ $request = $this->getRequest();
+
+ $referrer = $request->getHeader('referer');
+ $secure = false;
+
+ if ($referrer) {
+ $scheme = parse_url($referrer, PHP_URL_SCHEME);
+ $secure = $scheme === 'https';
+ }
+
+ return $secure && $request->isSecure();
+ }
}
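Review bot: The guard `if (!$this->isSecureRequest())` makes a session-fixation defence depend on the `referer` header, which is client-supplied, so whether `regenerateId()` runs at checkout entry is partly decided by data the server does not control. With this change the ID is no longer rotated on an HTTPS request that carries an `https` referer, so fixation protection for those sessions has to come from rotation elsewhere (presumably at login); that is not visible in this hunk and should be confirmed before the patch is applied. The inline comment should state the trade-off instead of pointing at unspecified "issues", for example `// Skip rotation on HTTPS to avoid session loss from overlapping requests during session_regenerate_id(); fixation protection then relies on rotation at login.` It is also worth confirming that `$request->isSecure()` reports the real transport when TLS is terminated at a proxy or load balancer, since the helper's result depends on it. The controller action this guard sits in begins outside the hunk.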