diff --git a/config/simplesamlphp/config/config.php b/config/simplesamlphp/config/config.php
index 3817bb94e80188d5905bc180e8a9dfd8e9875c6a..8309f0e3afdec5ce7a2636706b61683e6fa49ce4 100644
--- a/config/simplesamlphp/config/config.php
+++ b/config/simplesamlphp/config/config.php
@@ -566,14 +566,14 @@
      * through https. If the user can access the service through
      * both http and https, this must be set to FALSE.
      */
-    'session.cookie.secure' => false,
+    'session.cookie.secure' => TRUE,
 
     /*
      * Options to override the default settings for php sessions.
      */
     'session.phpsession.cookiename' => 'SimpleSAML',
     'session.phpsession.savepath' => null,
-    'session.phpsession.httponly' => true,
+    'session.phpsession.httponly' => TRUE,
 
     /*
      * Option to override the default settings for the auth token cookie
diff --git a/vendor/simplesamlphp/simplesamlphp/config/config.php b/vendor/simplesamlphp/simplesamlphp/config/config.php
index 3817bb94e80188d5905bc180e8a9dfd8e9875c6a..8309f0e3afdec5ce7a2636706b61683e6fa49ce4 100644
--- a/vendor/simplesamlphp/simplesamlphp/config/config.php
+++ b/vendor/simplesamlphp/simplesamlphp/config/config.php
@@ -566,14 +566,14 @@
      * through https. If the user can access the service through
      * both http and https, this must be set to FALSE.
      */
-    'session.cookie.secure' => false,
+    'session.cookie.secure' => TRUE,
 
     /*
      * Options to override the default settings for php sessions.
      */
     'session.phpsession.cookiename' => 'SimpleSAML',
     'session.phpsession.savepath' => null,
-    'session.phpsession.httponly' => true,
+    'session.phpsession.httponly' => TRUE,
 
     /*
      * Option to override the default settings for the auth token cookie