Setting the Machine Key

From AbleCommerce Wiki
Jump to: navigation, search

Sometimes when using ASP.NET enabled website you may get the following error

Validation of viewstate MAC failed. If this application is hosted by a Web Farm or cluster, ensure that <machineKey> configuration specifies the same validationKey and validation algorithm. AutoGenerate cannot be used in a cluster.

There are several ways to get around this problem:

  • Host your site on a server that never restarts or recycles! Obviously, this is impossible!
  • Disable ViewstateMac by putting this enableViewStateMac="false" in your web.config. This approach is not 100% secure.
  • Configure ASP.NET to not use Auto-Generated Key but rather a predefined key. This is the preferred method.

The last option, using predefined key, is the most secure and suggested method to use. There is a free Machine Key generator tool available at the following link

http://aspnetresources.com/tools/keycreator.aspx

In order to generate the key using this tool leave the defaults in place; validation key length 64, encryption key length 24, type sha1. Then click Generate to create a random machine key for you and copy the result.

Now open the web.config file from your site. Find around line which shows <system.web> And paste in the <machineKey ... /> on the next line. Save the web.config file.