Adding machineKey to web.config on web-farm sites

by

This should answer:

How To: Configure MachineKey in ASP.NET 2.0 – Web Farm Deployment Considerations

Web Farm Deployment Considerations

If you deploy your application in a Web farm, you must ensure that the
configuration files on each server share the same value for
validationKey and decryptionKey, which are used for hashing and
decryption respectively. This is required because you cannot guarantee
which server will handle successive requests.

With manually generated key values, the settings should
be similar to the following example.

<machineKey  
validationKey="21F090935F6E49C2C797F69BBAAD8402ABD2EE0B667A8B44EA7DD4374267A75D7
               AD972A119482D15A4127461DB1DC347C1A63AE5F1CCFAACFF1B72A7F0A281B"       

decryptionKey="ABAA84D7EC4BB56D75D217CECFFB9628809BDB8BF91CFCD64568A145BE59719F"
validation="SHA1"
decryption="AES"
/>

If you want to isolate your application from other applications on the
same server, place the in the Web.config file for each
application on each server in the farm. Ensure that you use separate
key values for each application, but duplicate each application’s keys
across all servers in the farm.

In short, to set up the machine key refer the following link:
Setting Up a Machine Key – Orchard Documentation.

Setting Up the Machine Key Using IIS Manager

If you have access to the IIS management console for the server where
Orchard is installed, it is the easiest way to set-up a machine key.

Start the management console and then select the web site. Open the
machine key configuration:
The IIS web site configuration panel

The machine key control panel has the following settings:

The machine key configuration panel

Uncheck “Automatically generate at runtime” for both the validation
key and the decryption key.

Click “Generate Keys” under “Actions” on the right side of the panel.

Click “Apply”.

and add the following line to the web.config file in all the webservers under system.web tag if it does not exist.

<machineKey  
    validationKey="21F0SAMPLEKEY9C2C797F69BBAAD8402ABD2EE0B667A8B44EA7DD4374267A75D7
                   AD972A119482D15A4127461DB1DC347C1A63AE5F1CCFAACFF1B72A7F0A281B"           
    decryptionKey="ABAASAMPLEKEY56D75D217CECFFB9628809BDB8BF91CFCD64568A145BE59719F"
    validation="SHA1"
    decryption="AES"
/>

Please make sure that you have a permanent backup of the machine keys and web.config file

More Related Contents:

  1. How do you modify the web.config appSettings at runtime?
  2. Meaning
  3. Access-control-allow-origin with multiple domains
  4. Avoid web.config inheritance in child web application using inheritInChildApplications
  5. How to increase request timeout in IIS?
  6. Setting up connection string in ASP.NET to SQL SERVER
  7. Use Visual Studio web.config transform for debugging [duplicate]
  8. How to set the Default Page in ASP.NET?
  9. ASP.NET web.config: configSource vs. file attributes
  10. How to prevent an ASP.NET application restarting when the web.config is modified?
  11. Error to use a section registered as allowDefinition=’MachineToApplication’ beyond application level
  12. Difference between and ?
  13. IIS URL Rewrite and Web.config
  14. Reading web.config from JavaScript
  15. ASP.NET: HTTP Error 500.19 – Internal Server Error 0x8007000d
  16. Web Application Problems (web.config errors) HTTP 500.19 with IIS7.5 and ASP.NET v2
  17. Setting up redirect in web.config file
  18. HTTP Error 500.19 – Internal Server Error
  19. Escape quote in web.config connection string
  20. How to configure invariant culture in ASP.NET globalization?
  21. What are the Web.Debug.config and Web.Release.Config files for?
  22. Nested ASP.NET ‘application’ within IIS inheriting parent config values?
  23. Web Config Transform not working
  24. Is it possible to configure a location in Web.config to only allow local connections
  25. Allow anonymous authentication for a single folder in web.config?
  26. Programmatically register HttpModules at runtime
  27. Unrecognized attribute ‘targetFramework’. Note that attribute names are case-sensitive
  28. Editing Web.config programmatically
  29. How can I reference an appSetting in a different part of web.config
  30. URL Routing, Image Handler & “A potentially dangerous Request.Path value”

Leave a Comment