ASP.NET Machine Key Generator. This tool will generate a valid random machine key used by ASP.NET for encryption, decryption, validation of forms-authentication and view-state data, and other purposes. Select your target version of ASP.NET and click the Generate Keys button. You can then copy the result and paste it into the.
There are few scenarios that you want to add MachineKey into your web application’s web.config:
- You have a web farm and in each server the machine.config set to auto generate machinekey.
- You want to use “Encyrpted” password format in ASP.NET membership provider.
- You get intermittent error of “Validation of viewstate MAC failed…..”
To fix problem #3, you can also set one of all these in the <page settings:
<page enableEventValidation=”false” viewStateEncryptionMode=”Never” enableViewStateMac=”false”
However you have to be aware of the risk of this change, as it opens door for ViewState value tampering. (Joteke has an intersting finding on large pages having gridview control. Basically in this case, you have to set above values for avoid the error, which is casued by the position of a hidden field containing some encrypted information.)
Here are 2 online tools to generate the random machine key for you: this and this. A sample MachineKey node:
<machineKey
validationKey=”56AB7132992003EE87F74AE4D9675D65EED8018D3528C0B8874905B51940DEAF6B85F1D922D19AB8F69781B2326A2F978A064708822FD8C54ED74CADF8592E17″
decryptionKey=”A69D80B92A16DFE1698DFE86D4CED630FA56D7C1661C8D05744449889B88E8DC”
validation=”SHA1″ decryption=”AES”
/>
The <machineKey> should be put inside <system.web> section.
Please refer to MSDN for documentation: syntax and overview.
-->The implementation of the <machineKey> element in ASP.NET is replaceable. This allows most calls to ASP.NET cryptographic routines to be routed through a replacement data protection mechanism, including the new data protection system.
Package installation
Note
The new data protection system can only be installed into an existing ASP.NET application targeting .NET 4.5.1 or later. Installation will fail if the application targets .NET 4.5 or lower.
To install the new data protection system into an existing ASP.NET 4.5.1+ project, install the package Microsoft.AspNetCore.DataProtection.SystemWeb. This will instantiate the data protection system using the default configuration settings.
When you install the package, it inserts a line into Web.config that tells ASP.NET to use it for most cryptographic operations, including forms authentication, view state, and calls to MachineKey.Protect. The line that's inserted reads as follows.
Tip
You can tell if the new data protection system is active by inspecting fields like __VIEWSTATE, which should begin with 'CfDJ8' as in the example below. 'CfDJ8' is the base64 representation of the magic '09 F0 C9 F0' header that identifies a payload protected by the data protection system.
Package configuration
The data protection system is instantiated with a default zero-setup configuration. However, since by default keys are persisted to the local file system, this won't work for applications which are deployed in a farm. To resolve this, you can provide configuration by creating a type which subclasses DataProtectionStartup and overrides its ConfigureServices method.
Below is an example of a custom data protection startup type which configured both where keys are persisted and how they're encrypted at rest. It also overrides the default app isolation policy by providing its own application name.
Asp Net Machine Key Generator Reviews
Tip
You can also use <machineKey applicationName='my-app' ... /> in place of an explicit call to SetApplicationName. This is a convenience mechanism to avoid forcing the developer to create a DataProtectionStartup-derived type if all they wanted to configure was setting the application name.
Asp Net Machine Key Generator For Sale
To enable this custom configuration, go back to Web.config and look for the <appSettings> element that the package install added to the config file. It will look like the following markup:
Fill in the blank value with the assembly-qualified name of the DataProtectionStartup-derived type you just created. If the name of the application is DataProtectionDemo, this would look like the below.
The newly-configured data protection system is now ready for use inside the application.