machineKey in ASP.NET
The machine key is used to decode View State, Forms Authentication, Cookies and so on, if you used different machine key, the servers will generate different results when decode.
By default machine keys are generated when the application starts. This is bad in a load balanced environment as each server has a different key and they can't decode View State set by a different server
Yes ,we must set the same machine key in a load-balanced environment on each server. So, machineKey should be same in configuration file if we are deploying web site in web farm with load balancing.
Syntax:
Configures algorithms and keys to use for encryption, decryption, and validation of forms-authentication data and view-state data, and for out-of-process session state identification.
<machineKey
validationKey="AutoGenerate,IsolateApps" [String]
decryptionKey="AutoGenerate,IsolateApps" [String]
validation="HMACSHA256" [SHA1 | MD5 | 3DES | AES | HMACSHA256 |
HMACSHA384 | HMACSHA512 | alg:algorithm_name]
decryption="Auto" [Auto | DES | 3DES | AES | alg:algorithm_name]/>
So, to generate machineKey we have to go to IIS and can create key value with Machine Key configuration application. once you generate machine key then we have to specify same values in configuration file as like below.
The following code example demonstrates how to set the validationKey attribute and the decryptionKey attribute to manually generated random values. The validationKey attribute is set to a 256-bit long key for the HMACSHA256 hash algorithm, and the decryptionKey attribute is also set to a 256-bit long key, the longest possible for the AES encryption algorithm. These are examples only and should not be used in your application
<machineKey
validationKey="32E35872597989D14CC1D5D9F5B1E94238D0EE32CF10AA2D2059533DF6035F4F"
decryptionKey="B179091DBB2389B996A526DE8BCD7ACFDBCAB04EF1D085481C61496F693DF5F4" />
By default machine keys are generated when the application starts. This is bad in a load balanced environment as each server has a different key and they can't decode View State set by a different server
Yes ,we must set the same machine key in a load-balanced environment on each server. So, machineKey should be same in configuration file if we are deploying web site in web farm with load balancing.
Syntax:
Configures algorithms and keys to use for encryption, decryption, and validation of forms-authentication data and view-state data, and for out-of-process session state identification.
<machineKey
validationKey="AutoGenerate,IsolateApps" [String]
decryptionKey="AutoGenerate,IsolateApps" [String]
validation="HMACSHA256" [SHA1 | MD5 | 3DES | AES | HMACSHA256 |
HMACSHA384 | HMACSHA512 | alg:algorithm_name]
decryption="Auto" [Auto | DES | 3DES | AES | alg:algorithm_name]/>
So, to generate machineKey we have to go to IIS and can create key value with Machine Key configuration application. once you generate machine key then we have to specify same values in configuration file as like below.
The following code example demonstrates how to set the validationKey attribute and the decryptionKey attribute to manually generated random values. The validationKey attribute is set to a 256-bit long key for the HMACSHA256 hash algorithm, and the decryptionKey attribute is also set to a 256-bit long key, the longest possible for the AES encryption algorithm. These are examples only and should not be used in your application
<machineKey
validationKey="32E35872597989D14CC1D5D9F5B1E94238D0EE32CF10AA2D2059533DF6035F4F"
decryptionKey="B179091DBB2389B996A526DE8BCD7ACFDBCAB04EF1D085481C61496F693DF5F4" />
Comments
Post a Comment