Machine key generates a unique key which helps you on single form because it helps to protect your Form Authentication cookies and page level View state. When user sends a request and Server A receives response with form Authentication cookies, now again he sends a request which was received by Server B and attempted to decrypt form authentication cookies which was unsuccessful to decrypt because server A was using his own unique machine key and server B was using its own unique machine key to decrypt the form Authentication cookies. To avoid this problem, use the same machine key on all servers.
Generate Machine Key in IIS7
Let’s see the example on how to generate machine key for web site.
- Open your IIS Manager from Administrative tool -> Internet Information Services Manager.
- In Connection pane on left side of window, click on the website.
- Double click on Machine Key icon as shown below.
- You will see Machine key page, default encryption method is SHA1, you can change it from dropdown list as shown.
- Click on Generate Keys from Actions pane from left side of IIS window as shown.
- Message will be shown on Alerts pane, "The changes have been successfully saved."
- Open your Web.Config file, you will find the
<machineKey> inside the
<system.web> section as shown.
Note: Apply this machine key on all web farm servers; this is my generated machine key.