BlogEngine.Net machineKey Configuration

by chris 1/16/2008 11:16:46 PM

I started thinking about how my web.config should be configured in regards to the machineKey values.  I did a little investigationand discovered that Microsoft has a specific recommendation for when you only have one web server.  Here the blurp from the article:

With the default values of Auto for the decryption attribute and AutoGenerate,IsolateApps for the decryptionKey, tickets are encrypted with AES symmetric encryption. As far as possible, ensure that both the validation and decryption keys are set to AutoGenerate instead of being hard-coded. 

   1: <machineKey 
   2:   validationKey="AutoGenerate,IsolateApps" 
   3:   decryptionKey="AutoGenerate,IsolateApps" 
   4:   validation="SHA1" 
   5:   decryption="Auto" />
 
I made the configuration changes over a month ago and haven't had any problems.  I decided to make the change to help keep my web.config simple and clear.

,

BlogEngine.NET | Technology

kick it up to DotNetKicks.com  
Permalink Comments (1) Post RSSRSS comment feed

Comments

Add comment


(Will show your Gravatar icon)  

  Country flag

biuquote
Loading



Powered by BlogEngine.NET Theme by Mads Kristensen Hosted by 1and1 Hosting Sign in
The opinions expressed herein are my own personal opinions and do not represent my employer's view in any way. © 2008 Chris Blankenship

Welcome to my blog

Welcome to my site

Villainy wears many masks,
none of which so dangerous as virtue…

Subscribe to comments feed Recent comments exp/col

My tags Ramblings Tags exp/col

My Delicious Tags Del.icio.us Tags exp/col

Download my OPML file Blogroll exp/col

My tags Categories exp/col

View Chris Blankenship's profile on LinkedIn   DSCODUC on Technorati

check out my neighbors in meatspace  

Stop Spam Harvesters, Join Project Honey Pot   This work is licensed under a Creative Commons Attribution-Share Alike 3.0 United States License