IsolateApps causes Decryption key specified has invalid hex characters

WernerVA picture WernerVA · Feb 21, 2013 · Viewed 28k times · Source

I working on a MVC 4 site which has uses Authentication. The site requires that I specify the Machine Key values. I did this via the IIS interface having deselected the "automatically generate at runtime", generated the key values and having selected "generate a unique key for each application"

The web.config entry looks something like this:

<machineKey decryption="DES" decryptionKey="{hex-key value},IsolateApps" 
    validationKey="{hex-key value},IsolateApps" />;

While this seems to work fine on another web project it causes the "Decryption key specified has invalid hex characters" error on the dev machine I am working on now (both in IIS-Express and IIS 7.5).

Removing ",IsolateApps" from the key values solves the issue but since I need this option on in production I dont want to be removing it now only to have this issue when deploying.

What gives? The dev box is a SQL 2008 R2 box with .net 2.0 and .net 4.0.

Answer

Joe Daley picture Joe Daley · Mar 14, 2013

The IsolateApps modifier causes ASP.NET to generate a unique key for each application on your server. This is only applicable if you are getting ASP.NET to auto-generate keys at runtime.

If you are not getting ASP.NET to auto-generate keys, and are instead specifying the keys using decryptionKey="{hex-key value}", then the way to get ASP.NET to use a different key for each application is to simply specify a different key in each application's Web.config.

The IIS config GUI allows you to create a Web.config with an explicit key together with the IsolateApps modifier, which is invalid, and in my opinion is a bug in the config GUI.