IsolateApps causes Decryption key specified has invalid hex characters

StackOverflow https://stackoverflow.com/questions/15002960

Question

I working on a MVC 4 site which has uses Authentication. The site requires that I specify the Machine Key values. I did this via the IIS interface having deselected the "automatically generate at runtime", generated the key values and having selected "generate a unique key for each application"

The web.config entry looks something like this:

<machineKey decryption="DES" decryptionKey="{hex-key value},IsolateApps" 
    validationKey="{hex-key value},IsolateApps" />;

While this seems to work fine on another web project it causes the "Decryption key specified has invalid hex characters" error on the dev machine I am working on now (both in IIS-Express and IIS 7.5).

Removing ",IsolateApps" from the key values solves the issue but since I need this option on in production I dont want to be removing it now only to have this issue when deploying.

What gives? The dev box is a SQL 2008 R2 box with .net 2.0 and .net 4.0.

Was it helpful?

Solution

The IsolateApps modifier causes ASP.NET to generate a unique key for each application on your server. This is only applicable if you are getting ASP.NET to auto-generate keys at runtime.

If you are not getting ASP.NET to auto-generate keys, and are instead specifying the keys using decryptionKey="{hex-key value}", then the way to get ASP.NET to use a different key for each application is to simply specify a different key in each application's Web.config.

The IIS config GUI allows you to create a Web.config with an explicit key together with the IsolateApps modifier, which is invalid, and in my opinion is a bug in the config GUI.

OTHER TIPS

You can fix the issue by adding the following to the machineKey element (compatibilityMode="Framework20SP1") in the web.config See Link

This can be fixed by adding the machineKey line into your web.config, and specifying your keys as shown below (use your own key though of course, this one is easily guessable):

<configuration>
 <system.web>
  <machineKey decryptionKey="0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0" validationKey="0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF00123456789ABCDEF0123456789ABCDEF0123456789ABCDEF00123456789ABCDEF0123456789ABCD" />
 </system.web>
</configuration>
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top