I had the same problem up until a few minutes ago. It is exactly what you said. The store default URL is probablt set to http://www.website.com but the SSL switches to https://website.com and in doing so drops the cart contents.
Set your default store URL to remove the www part and also your set your server to send all request for http://www.website.com to http://website.com
All 3 stores in my multistoret system now work correctly.
Thank you! But unfortunately my case is slightly different. In your case it is the "www" part, or subdomain, out of "www.domain.com" that changes; in my case it is the "domain.com" part. My insecure site is "www.store1.com" and my secure site is "store1.secure.com".