Machine key generates a unique key which helps you on single form because it helps to protect your Form Authentication cookies and page level View state. When user sends a request and Server A receives response with form Authentication cookies, now again he sends a request which was received by Server B and attempted to decrypt form authentication cookies which was unsuccessful to decrypt because server A was using his own unique machine key and server B was using its own unique machine key to decrypt the form Authentication cookies. To avoid this problem, use the same machine key on all servers.
Generate Machine Key in IIS7
Let’s see the example on how to generate machine key for web site.
- Open your IIS Manager from Administrative tool -> Internet Information Services Manager.
- In Connection pane on left side of window, click on the website.
- Double click on Machine Key icon as shown below.
- You will see Machine key page, default encryption method is SHA1, you can change it from dropdown list as shown.
- Click on Generate Keys from Actions pane from left side of IIS window as shown.
- Message will be shown on Alerts pane, "The changes have been successfully saved."
- Open your Web.Config file, you will find the
<machineKey> inside the
<system.web> section as shown.
Note: Apply this machine key on all web farm servers; this is my generated machine key.
Aamir Hasan is a Sr. Software Engineer and Technical Lead in a US based firm, having five years of experiences working in Software Design, Software Analysis, Business Intelligence, Web Development, Consultancy and Training, using SQL Server, .NET Framework and provides consultancy on how to design and develop .NET application with database solutions. Aamir is the founder of www.aspxtutorial.com
. He is a Microsoft Certified and SEO professional too. He is capable of coordinating off-shore high level web development projects.
asp.net Tutorial, sample code and demo