Extract the WEB-INF/weblogic.xml file from your liferay.war:
jar -xvf WEB-INF/weblogic.xml
Edit WEB-INF/weblogic.xml
vi WEB-INF/weblogic.xml
Add the following to the <session-descriptor> tag:
<cookie-secure>true</cookie-secure>
Update your liferay.war file
jar -uf liferay.war WEB-INF/weblogic.xml
Now redeploy your liferay.war (update or delete/install) and your cookie should be changed to Secure: Yes.