Ahh the dreaded
“Cookies are blocked or not supported by your browser. You must enable cookies to use WordPress”
I think I’ve finally solved this – turns out that is you 303 redirect things to make other things more secure, you also need to set a cookie on your browser making sure that HTTPS is specified as the cookie domain, not HTTP thus causing a cookie security origin mismatch…
At times like this, I wish I would just slow down a bit 😉