Configuring Machine Keys in IIS 7
Applies To: Windows 7, Windows Server 2008, Windows Server 2008 R2, Windows Vista
Machine keys help protect Forms authentication cookie data and page-level view state data. They also verify out-of-process session state identification. ASP.NET uses the following types of machine keys:
A validation key computes a Message Authentication Code (MAC) to confirm the integrity of the data. This key is appended to either the Forms authentication cookie or the view state for a specific page.
A decryption key is used to encrypt and decrypt Forms authentication tickets and view state.
Prerequisites
For information about the levels at which you can perform these procedures, and the modules, handlers, and permissions that are required for these procedures, see Machine Keys Feature Requirements (IIS 7).
Procedures
This task includes the following procedures:
Generate a Machine Key (IIS 7)
Select a Machine Key Encryption Method (IIS 7)
Select a Machine Key Decryption Method (IIS 7)
Generate a Validation Key at Runtime (IIS 7)
Generate a Unique Validation Key for Each Application (IIS 7)
Generate a Decryption Key at Runtime (IIS 7)
Generate a Unique Validation Key for Each Application (IIS 7)