Update
Actually these settings are equivalent just when I do it through the GUI in IIS it updates the
applicationHost.config
not theweb.config
file, maybe this is the difference? TheapplicationHost.config
can be found in%SystemRoot%\System32\inetsrv\config
.As you are working in a Shared Hosting Environment you may not have access to that though. The other thing that occurred to me is your configuration value the
<location>
path
attribute is set toDefault Web Site
. I'm guessing this will not be the name of your Shared Hosting Website, I would just remove thepath
attribute so it applies configuration to the current directory.
For ASP you need to specify New ID on Secure Connection
equal to False
under the ASP section in the IIS configuration (See image). By default ASP will create a new cookie when switching between secure and insecure connections, setting it to False will maintain the same cookie across HTTP and HTTPS.