IsolateApps causes Decryption key specified has invalid hex characters

Question

I working on a MVC 4 site which has uses Authentication. The site requires that I specify the Machine Key values. I did this via the IIS interface having deselected the \"au

Answer 1

This can be fixed by adding the machineKey line into your web.config, and specifying your keys as shown below (use your own key though of course, this one is easily guessable):

<configuration>
 <system.web>
  <machineKey decryptionKey="0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0" validationKey="0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF00123456789ABCDEF0123456789ABCDEF0123456789ABCDEF00123456789ABCDEF0123456789ABCD" />
 </system.web>
</configuration>

Answer 2

The IsolateApps modifier causes ASP.NET to generate a unique key for each application on your server. This is only applicable if you are getting ASP.NET to auto-generate keys at runtime.

If you are not getting ASP.NET to auto-generate keys, and are instead specifying the keys using decryptionKey="{hex-key value}", then the way to get ASP.NET to use a different key for each application is to simply specify a different key in each application's Web.config.

The IIS config GUI allows you to create a Web.config with an explicit key together with the IsolateApps modifier, which is invalid, and in my opinion is a bug in the config GUI.

Answer 3

You can fix the issue by adding the following to the machineKey element (compatibilityMode="Framework20SP1") in the web.config See Link