Creating a Machine Key
The database.config and encryption.config files are saved in an encrypted
form, so that your connection string and encryption key remain protected.
If you are installing AbleCommerce to a web farm or clustered environment,
you must take additional steps so that this file encryption will work
properly.
You may experience a problem with having to continuously login. You
may also experience MAC validation errors. If this
happens, follow the steps below:
1) Visit this URL: http://aspnetresources.com/tools/keycreator.aspx
2) The default values for key generation are correct (64/24/SHA1), click
Generate
3) Copy the resulting machine key.
4) Open the web.config
for the store, and paste the copied machine key after the line that says
<system.web>
6) Save web.config and restart the IIS application service.
When you don’t specify the machine key in web.config, ASPNET automatically
generates one for the application. If something
causes the application to recycle, the key is regenerated. If
the application recycles between requests, then any data that was downloaded
by the browser was recorded with the first key, and validated with the
second. This turns into the MAC validation error,
because the keys are not the same. This is why
the error mentions clustered environments, because the same issue occurs
if you move from one server to another between requests.
When you set the key in the web.config file, ASPNET uses this key rather
than auto generating. That ensures that even if
an application recycle takes place, the validation will be correct. This
is used for things like session cookies, authentication, viewstate validation,
event validation, and so on.
|