Configuring Machine Keys in IIS 7

Applies To: Windows 7, Windows Server 2008, Windows Server 2008 R2, Windows Vista

Machine keys help protect Forms authentication cookie data and page-level view state data. They also verify out-of-process session state identification. ASP.NET uses the following types of machine keys:

  • A validation key computes a Message Authentication Code (MAC) to confirm the integrity of the data. This key is appended to either the Forms authentication cookie or the view state for a specific page.

  • A decryption key is used to encrypt and decrypt Forms authentication tickets and view state.

Prerequisites

For information about the levels at which you can perform these procedures, and the modules, handlers, and permissions that are required for these procedures, see Machine Keys Feature Requirements (IIS 7).

Procedures

This task includes the following procedures:

Generate a Machine Key (IIS 7)

Select a Machine Key Encryption Method (IIS 7)

Select a Machine Key Decryption Method (IIS 7)

Generate a Validation Key at Runtime (IIS 7)

Generate a Unique Validation Key for Each Application (IIS 7)

Generate a Decryption Key at Runtime (IIS 7)

Generate a Unique Validation Key for Each Application (IIS 7)

Generate a Machine Key for a Web Farm (IIS 7)