I need to update the IIS Metabase to set the AspKeepSessionIDSecure property to True. How do I go about doing this?
My next question is what is the scope of this property? Most of our sites on this box are unsecure. So if we set the AspKeepSessionIDSecure property to true, will this affect all the sites and in turn take down the sites that are not secure?
Open IIS > Right click on Server properties> check allow direct metabase edit
Go to system32\inetsrv
locate metabase.xml open it in notepad and change the desire text and save.
Before proceed take a backup of metabase.xml
Ans2. it Sends the ASP session cookie to a browser securely.